diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2014-01-21 12:06:02 -0500 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2014-01-21 12:06:02 -0500 |
| commit | fb2e2c85375a0380d6818f153ffa2ae9ebbd055f (patch) | |
| tree | cf8498a01357c220e4d664ff67125f60146f0da3 /security/selinux/ss/policydb.h | |
| parent | ec513b16c480c6cdda1e3d597e611eafca05227b (diff) | |
| parent | 923b49ff69fcbffe6f8b2739de218c45544392a7 (diff) | |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security layer updates from James Morris:
"Changes for this kernel include maintenance updates for Smack, SELinux
(and several networking fixes), IMA and TPM"
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (39 commits)
SELinux: Fix memory leak upon loading policy
tpm/tpm-sysfs: active_show() can be static
tpm: tpm_tis: Fix compile problems with CONFIG_PM_SLEEP/CONFIG_PNP
tpm: Make tpm-dev allocate a per-file structure
tpm: Use the ops structure instead of a copy in tpm_vendor_specific
tpm: Create a tpm_class_ops structure and use it in the drivers
tpm: Pull all driver sysfs code into tpm-sysfs.c
tpm: Move sysfs functions from tpm-interface to tpm-sysfs
tpm: Pull everything related to /dev/tpmX into tpm-dev.c
char: tpm: nuvoton: remove unused variable
tpm: MAINTAINERS: Cleanup TPM Maintainers file
tpm/tpm_i2c_atmel: fix coccinelle warnings
tpm/tpm_ibmvtpm: fix unreachable code warning (smatch warning)
tpm/tpm_i2c_stm_st33: Check return code of get_burstcount
tpm/tpm_ppi: Check return value of acpi_get_name
tpm/tpm_ppi: Do not compare strcmp(a,b) == -1
ima: remove unneeded size_limit argument from ima_eventdigest_init_common()
ima: update IMA-templates.txt documentation
ima: pass HASH_ALGO__LAST as hash algo in ima_eventdigest_init()
ima: change the default hash algorithm to SHA1 in ima_eventdigest_ng_init()
...
Diffstat (limited to 'security/selinux/ss/policydb.h')
| -rw-r--r-- | security/selinux/ss/policydb.h | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/security/selinux/ss/policydb.h b/security/selinux/ss/policydb.h index da637471d4ce..725d5945a97e 100644 --- a/security/selinux/ss/policydb.h +++ b/security/selinux/ss/policydb.h | |||
| @@ -154,6 +154,17 @@ struct cond_bool_datum { | |||
| 154 | struct cond_node; | 154 | struct cond_node; |
| 155 | 155 | ||
| 156 | /* | 156 | /* |
| 157 | * type set preserves data needed to determine constraint info from | ||
| 158 | * policy source. This is not used by the kernel policy but allows | ||
| 159 | * utilities such as audit2allow to determine constraint denials. | ||
| 160 | */ | ||
| 161 | struct type_set { | ||
| 162 | struct ebitmap types; | ||
| 163 | struct ebitmap negset; | ||
| 164 | u32 flags; | ||
| 165 | }; | ||
| 166 | |||
| 167 | /* | ||
| 157 | * The configuration data includes security contexts for | 168 | * The configuration data includes security contexts for |
| 158 | * initial SIDs, unlabeled file systems, TCP and UDP port numbers, | 169 | * initial SIDs, unlabeled file systems, TCP and UDP port numbers, |
| 159 | * network interfaces, and nodes. This structure stores the | 170 | * network interfaces, and nodes. This structure stores the |