diff options
author | Eric Paris <eparis@redhat.com> | 2009-05-18 10:26:10 -0400 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2009-05-18 18:19:00 -0400 |
commit | 75834fc3b6fcff00327f5d2a18760c1e8e0179c5 (patch) | |
tree | 28b1085d2aa76517024709d2f077fdc41aeec4c2 /security | |
parent | c3d20103d08e5c0b6738fbd0acf3ca004e5356c5 (diff) |
SELinux: move SELINUX_MAGIC into magic.h
The selinuxfs superblock magic is used inside the IMA code, but is being
defined in two places and could someday get out of sync. This patch moves the
declaration into magic.h so it is only done once.
Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security')
-rw-r--r-- | security/integrity/ima/ima_policy.c | 8 | ||||
-rw-r--r-- | security/selinux/include/security.h | 3 |
2 files changed, 4 insertions, 7 deletions
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c index dec6dcb1c8de..31d677f7c65f 100644 --- a/security/integrity/ima/ima_policy.c +++ b/security/integrity/ima/ima_policy.c | |||
@@ -49,14 +49,12 @@ struct ima_measure_rule_entry { | |||
49 | * written in terms of .action, .func, .mask, .fsmagic, and .uid | 49 | * written in terms of .action, .func, .mask, .fsmagic, and .uid |
50 | */ | 50 | */ |
51 | static struct ima_measure_rule_entry default_rules[] = { | 51 | static struct ima_measure_rule_entry default_rules[] = { |
52 | {.action = DONT_MEASURE,.fsmagic = PROC_SUPER_MAGIC, | 52 | {.action = DONT_MEASURE,.fsmagic = PROC_SUPER_MAGIC,.flags = IMA_FSMAGIC}, |
53 | .flags = IMA_FSMAGIC}, | ||
54 | {.action = DONT_MEASURE,.fsmagic = SYSFS_MAGIC,.flags = IMA_FSMAGIC}, | 53 | {.action = DONT_MEASURE,.fsmagic = SYSFS_MAGIC,.flags = IMA_FSMAGIC}, |
55 | {.action = DONT_MEASURE,.fsmagic = DEBUGFS_MAGIC,.flags = IMA_FSMAGIC}, | 54 | {.action = DONT_MEASURE,.fsmagic = DEBUGFS_MAGIC,.flags = IMA_FSMAGIC}, |
56 | {.action = DONT_MEASURE,.fsmagic = TMPFS_MAGIC,.flags = IMA_FSMAGIC}, | 55 | {.action = DONT_MEASURE,.fsmagic = TMPFS_MAGIC,.flags = IMA_FSMAGIC}, |
57 | {.action = DONT_MEASURE,.fsmagic = SECURITYFS_MAGIC, | 56 | {.action = DONT_MEASURE,.fsmagic = SECURITYFS_MAGIC,.flags = IMA_FSMAGIC}, |
58 | .flags = IMA_FSMAGIC}, | 57 | {.action = DONT_MEASURE,.fsmagic = SELINUX_MAGIC,.flags = IMA_FSMAGIC}, |
59 | {.action = DONT_MEASURE,.fsmagic = 0xF97CFF8C,.flags = IMA_FSMAGIC}, | ||
60 | {.action = MEASURE,.func = FILE_MMAP,.mask = MAY_EXEC, | 58 | {.action = MEASURE,.func = FILE_MMAP,.mask = MAY_EXEC, |
61 | .flags = IMA_FUNC | IMA_MASK}, | 59 | .flags = IMA_FUNC | IMA_MASK}, |
62 | {.action = MEASURE,.func = BPRM_CHECK,.mask = MAY_EXEC, | 60 | {.action = MEASURE,.func = BPRM_CHECK,.mask = MAY_EXEC, |
diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h index a7be3f01fb08..ca835795a8b3 100644 --- a/security/selinux/include/security.h +++ b/security/selinux/include/security.h | |||
@@ -8,14 +8,13 @@ | |||
8 | #ifndef _SELINUX_SECURITY_H_ | 8 | #ifndef _SELINUX_SECURITY_H_ |
9 | #define _SELINUX_SECURITY_H_ | 9 | #define _SELINUX_SECURITY_H_ |
10 | 10 | ||
11 | #include <linux/magic.h> | ||
11 | #include "flask.h" | 12 | #include "flask.h" |
12 | 13 | ||
13 | #define SECSID_NULL 0x00000000 /* unspecified SID */ | 14 | #define SECSID_NULL 0x00000000 /* unspecified SID */ |
14 | #define SECSID_WILD 0xffffffff /* wildcard SID */ | 15 | #define SECSID_WILD 0xffffffff /* wildcard SID */ |
15 | #define SECCLASS_NULL 0x0000 /* no class */ | 16 | #define SECCLASS_NULL 0x0000 /* no class */ |
16 | 17 | ||
17 | #define SELINUX_MAGIC 0xf97cff8c | ||
18 | |||
19 | /* Identify specific policy version changes */ | 18 | /* Identify specific policy version changes */ |
20 | #define POLICYDB_VERSION_BASE 15 | 19 | #define POLICYDB_VERSION_BASE 15 |
21 | #define POLICYDB_VERSION_BOOL 16 | 20 | #define POLICYDB_VERSION_BOOL 16 |