SELinux: extract the NetLabel SELinux support from the security server

Up until this patch the functions which have provided NetLabel support to SELinux have been integrated into the SELinux security server, which for various reasons is not really ideal. This patch makes an effort to extract as much of the NetLabel support from the security server as possibile and move it into it's own file within the SELinux directory structure. Signed-off-by: Paul Moore <paul.moore@hp.com> Signed-off-by: James Morris <jmorris@namei.org>
author: Paul Moore <paul.moore@hp.com> 2007-02-28 15:14:22 -0500
committer: James Morris <jmorris@namei.org> 2007-04-26 01:35:48 -0400
commit: 5778eabd9cdbf16ea3e40248c452b4fd25554d11 (patch)
tree: a488fd5fc07c01b93fe38621888cc50c64cfc0a1 /security/selinux/include/security.h
parent: 128c6b6cbffc8203e13ea5712a8aa65d2ed82e4e (diff)
1 files changed, 24 insertions, 0 deletions
diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h
index 210eec77e7ff..605b07165af8 100644
--- a/security/selinux/include/security.h
+++ b/security/selinux/include/security.h
@@ -35,6 +35,7 @@
 #endif
 struct sk_buff;
+struct netlbl_lsm_secattr;
 extern int selinux_enabled;
 extern int selinux_mls_enabled;
@@ -102,5 +103,28 @@ int security_fs_use(const char *fstype, unsigned int *behavior,
 int security_genfs_sid(const char *fstype, char *name, u16 sclass,
        u32 *sid);
+#ifdef CONFIG_NETLABEL
+int security_netlbl_secattr_to_sid(struct netlbl_lsm_secattr *secattr,
+                                   u32 base_sid,
+                                   u32 *sid);
+int security_netlbl_sid_to_secattr(u32 sid,
+                                   struct netlbl_lsm_secattr *secattr);
+#else
+static inline int security_netlbl_secattr_to_sid(
+                                            struct netlbl_lsm_secattr *secattr,
+                                            u32 base_sid,
+                                            u32 *sid)
+{
+        return -EIDRM;
+}
+static inline int security_netlbl_sid_to_secattr(u32 sid,
+                                           struct netlbl_lsm_secattr *secattr)
+{
+        return -ENOENT;
+}
+#endif /* CONFIG_NETLABEL */
 #endif /* _SELINUX_SECURITY_H_ */
author	Paul Moore <paul.moore@hp.com>	2007-02-28 15:14:22 -0500
committer	James Morris <jmorris@namei.org>	2007-04-26 01:35:48 -0400
commit	5778eabd9cdbf16ea3e40248c452b4fd25554d11 (patch)
tree	a488fd5fc07c01b93fe38621888cc50c64cfc0a1 /security/selinux/include/security.h
parent	128c6b6cbffc8203e13ea5712a8aa65d2ed82e4e (diff)

diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h index 210eec77e7ff..605b07165af8 100644 --- a/security/selinux/include/security.h +++ b/security/selinux/include/security.h
@@ -35,6 +35,7 @@
35	#endif	35	#endif
36		36
37	struct sk_buff;	37	struct sk_buff;
		38	struct netlbl_lsm_secattr;
38		39
39	extern int selinux_enabled;	40	extern int selinux_enabled;
40	extern int selinux_mls_enabled;	41	extern int selinux_mls_enabled;
@@ -102,5 +103,28 @@ int security_fs_use(const char fstype, unsigned int behavior,
102	int security_genfs_sid(const char fstype, char name, u16 sclass,	103	int security_genfs_sid(const char fstype, char name, u16 sclass,
103	u32 *sid);	104	u32 *sid);
104		105
		106	#ifdef CONFIG_NETLABEL
		107	int security_netlbl_secattr_to_sid(struct netlbl_lsm_secattr *secattr,
		108	u32 base_sid,
		109	u32 *sid);
		110
		111	int security_netlbl_sid_to_secattr(u32 sid,
		112	struct netlbl_lsm_secattr *secattr);
		113	#else
		114	static inline int security_netlbl_secattr_to_sid(
		115	struct netlbl_lsm_secattr *secattr,
		116	u32 base_sid,
		117	u32 *sid)
		118	{
		119	return -EIDRM;
		120	}
		121
		122	static inline int security_netlbl_sid_to_secattr(u32 sid,
		123	struct netlbl_lsm_secattr *secattr)
		124	{
		125	return -ENOENT;
		126	}
		127	#endif /* CONFIG_NETLABEL */
		128
105	#endif /* _SELINUX_SECURITY_H_ */	129	#endif /* _SELINUX_SECURITY_H_ */
106		130