Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/selinux-2.6

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/selinux-2.6: selinux: preserve boolean values across policy reloads selinux: change numbering of boolean directory inodes in selinuxfs selinux: remove unused enumeration constant from selinuxfs selinux: explicitly number all selinuxfs inodes selinux: export initial SID contexts via selinuxfs selinux: remove userland security class and permission definitions SELinux: move security_skb_extlbl_sid() out of the security server MAINTAINERS: update selinux entry SELinux: rename selinux_netlabel.h to netlabel.h SELinux: extract the NetLabel SELinux support from the security server NetLabel: convert a BUG_ON in the CIPSO code to a runtime check NetLabel: cleanup and document CIPSO constants
author: Linus Torvalds <torvalds@woody.linux-foundation.org> 2007-04-27 13:47:29 -0400
committer: Linus Torvalds <torvalds@woody.linux-foundation.org> 2007-04-27 13:47:29 -0400
commit: a205752d1ad2d37d6597aaae5a56fc396a770868 (patch)
tree: 1def76b02da90b98cefd66c4ba3904697963c358 /security/selinux/include/security.h
parent: 39bc89fd4019b164002adaacef92c4140e37955a (diff)
parent: e900a7d90ae1486ac95c10e0b7337fc2c2eda529 (diff)
1 files changed, 26 insertions, 3 deletions
diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h
index 210eec77e7ff..b94378afea25 100644
--- a/security/selinux/include/security.h
+++ b/security/selinux/include/security.h
@@ -34,7 +34,7 @@
 #define POLICYDB_VERSION_MAX    POLICYDB_VERSION_RANGETRANS
 #endif
-struct sk_buff;
+struct netlbl_lsm_secattr;
 extern int selinux_enabled;
 extern int selinux_mls_enabled;
@@ -82,8 +82,6 @@ int security_netif_sid(char *name, u32 *if_sid,
 int security_node_sid(u16 domain, void *addr, u32 addrlen,
        u32 *out_sid);
-void security_skb_extlbl_sid(struct sk_buff *skb, u32 base_sid, u32 *sid);
 int security_validate_transition(u32 oldsid, u32 newsid, u32 tasksid,
                                 u16 tclass);
@@ -102,5 +100,30 @@ int security_fs_use(const char *fstype, unsigned int *behavior,
 int security_genfs_sid(const char *fstype, char *name, u16 sclass,
        u32 *sid);
+#ifdef CONFIG_NETLABEL
+int security_netlbl_secattr_to_sid(struct netlbl_lsm_secattr *secattr,
+                                   u32 base_sid,
+                                   u32 *sid);
+int security_netlbl_sid_to_secattr(u32 sid,
+                                   struct netlbl_lsm_secattr *secattr);
+#else
+static inline int security_netlbl_secattr_to_sid(
+                                            struct netlbl_lsm_secattr *secattr,
+                                            u32 base_sid,
+                                            u32 *sid)
+{
+        return -EIDRM;
+}
+static inline int security_netlbl_sid_to_secattr(u32 sid,
+                                           struct netlbl_lsm_secattr *secattr)
+{
+        return -ENOENT;
+}
+#endif /* CONFIG_NETLABEL */
+const char *security_get_initial_sid_context(u32 sid);
 #endif /* _SELINUX_SECURITY_H_ */
author	Linus Torvalds <torvalds@woody.linux-foundation.org>	2007-04-27 13:47:29 -0400
committer	Linus Torvalds <torvalds@woody.linux-foundation.org>	2007-04-27 13:47:29 -0400
commit	a205752d1ad2d37d6597aaae5a56fc396a770868 (patch)
tree	1def76b02da90b98cefd66c4ba3904697963c358 /security/selinux/include/security.h
parent	39bc89fd4019b164002adaacef92c4140e37955a (diff)
parent	e900a7d90ae1486ac95c10e0b7337fc2c2eda529 (diff)

diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h index 210eec77e7ff..b94378afea25 100644 --- a/security/selinux/include/security.h +++ b/security/selinux/include/security.h
@@ -34,7 +34,7 @@
34	#define POLICYDB_VERSION_MAX POLICYDB_VERSION_RANGETRANS	34	#define POLICYDB_VERSION_MAX POLICYDB_VERSION_RANGETRANS
35	#endif	35	#endif
36		36
37	struct sk_buff;	37	struct netlbl_lsm_secattr;
38		38
39	extern int selinux_enabled;	39	extern int selinux_enabled;
40	extern int selinux_mls_enabled;	40	extern int selinux_mls_enabled;
@@ -82,8 +82,6 @@ int security_netif_sid(char name, u32 if_sid,
82	int security_node_sid(u16 domain, void *addr, u32 addrlen,	82	int security_node_sid(u16 domain, void *addr, u32 addrlen,
83	u32 *out_sid);	83	u32 *out_sid);
84		84
85	void security_skb_extlbl_sid(struct sk_buff skb, u32 base_sid, u32 sid);
86
87	int security_validate_transition(u32 oldsid, u32 newsid, u32 tasksid,	85	int security_validate_transition(u32 oldsid, u32 newsid, u32 tasksid,
88	u16 tclass);	86	u16 tclass);
89		87
@@ -102,5 +100,30 @@ int security_fs_use(const char fstype, unsigned int behavior,
102	int security_genfs_sid(const char fstype, char name, u16 sclass,	100	int security_genfs_sid(const char fstype, char name, u16 sclass,
103	u32 *sid);	101	u32 *sid);
104		102
		103	#ifdef CONFIG_NETLABEL
		104	int security_netlbl_secattr_to_sid(struct netlbl_lsm_secattr *secattr,
		105	u32 base_sid,
		106	u32 *sid);
		107
		108	int security_netlbl_sid_to_secattr(u32 sid,
		109	struct netlbl_lsm_secattr *secattr);
		110	#else
		111	static inline int security_netlbl_secattr_to_sid(
		112	struct netlbl_lsm_secattr *secattr,
		113	u32 base_sid,
		114	u32 *sid)
		115	{
		116	return -EIDRM;
		117	}
		118
		119	static inline int security_netlbl_sid_to_secattr(u32 sid,
		120	struct netlbl_lsm_secattr *secattr)
		121	{
		122	return -ENOENT;
		123	}
		124	#endif /* CONFIG_NETLABEL */
		125
		126	const char *security_get_initial_sid_context(u32 sid);
		127
105	#endif /* _SELINUX_SECURITY_H_ */	128	#endif /* _SELINUX_SECURITY_H_ */
106		129