diff options
author | Venkat Yekkirala <vyekkirala@TrustedCS.com> | 2006-07-25 02:27:16 -0400 |
---|---|---|
committer | David S. Miller <davem@sunset.davemloft.net> | 2006-09-22 17:53:21 -0400 |
commit | 08554d6b33e60aa8ee40bbef94505941c0eefef2 (patch) | |
tree | 1610750ccd13872a33fffffcce057e10aa785d2e /security/selinux/include/security.h | |
parent | 51bd39860ff829475aef611a3234309e37e090d9 (diff) |
[MLSXFRM]: Define new SELinux service routine
This defines a routine that combines the Type Enforcement portion of
one sid with the MLS portion from the other sid to arrive at a new
sid. This would be used to define a sid for a security association
that is to be negotiated by IKE as well as for determing the sid for
open requests and connection-oriented child sockets.
Signed-off-by: Venkat Yekkirala <vyekkirala@TrustedCS.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'security/selinux/include/security.h')
-rw-r--r-- | security/selinux/include/security.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h index 063af47bb231..911954a692fa 100644 --- a/security/selinux/include/security.h +++ b/security/selinux/include/security.h | |||
@@ -78,6 +78,8 @@ int security_node_sid(u16 domain, void *addr, u32 addrlen, | |||
78 | int security_validate_transition(u32 oldsid, u32 newsid, u32 tasksid, | 78 | int security_validate_transition(u32 oldsid, u32 newsid, u32 tasksid, |
79 | u16 tclass); | 79 | u16 tclass); |
80 | 80 | ||
81 | int security_sid_mls_copy(u32 sid, u32 mls_sid, u32 *new_sid); | ||
82 | |||
81 | #define SECURITY_FS_USE_XATTR 1 /* use xattr */ | 83 | #define SECURITY_FS_USE_XATTR 1 /* use xattr */ |
82 | #define SECURITY_FS_USE_TRANS 2 /* use transition SIDs, e.g. devpts/tmpfs */ | 84 | #define SECURITY_FS_USE_TRANS 2 /* use transition SIDs, e.g. devpts/tmpfs */ |
83 | #define SECURITY_FS_USE_TASK 3 /* use task SIDs, e.g. pipefs/sockfs */ | 85 | #define SECURITY_FS_USE_TASK 3 /* use task SIDs, e.g. pipefs/sockfs */ |