diff options
| -rw-r--r-- | security/selinux/include/security.h | 1 | ||||
| -rw-r--r-- | security/selinux/ss/services.c | 33 |
2 files changed, 0 insertions, 34 deletions
diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h index 23137c17f917..837ce420d2f6 100644 --- a/security/selinux/include/security.h +++ b/security/selinux/include/security.h | |||
| @@ -107,7 +107,6 @@ int security_get_classes(char ***classes, int *nclasses); | |||
| 107 | int security_get_permissions(char *class, char ***perms, int *nperms); | 107 | int security_get_permissions(char *class, char ***perms, int *nperms); |
| 108 | int security_get_reject_unknown(void); | 108 | int security_get_reject_unknown(void); |
| 109 | int security_get_allow_unknown(void); | 109 | int security_get_allow_unknown(void); |
| 110 | int security_get_policycaps(int *len, int **values); | ||
| 111 | 110 | ||
| 112 | #define SECURITY_FS_USE_XATTR 1 /* use xattr */ | 111 | #define SECURITY_FS_USE_XATTR 1 /* use xattr */ |
| 113 | #define SECURITY_FS_USE_TRANS 2 /* use transition SIDs, e.g. devpts/tmpfs */ | 112 | #define SECURITY_FS_USE_TRANS 2 /* use transition SIDs, e.g. devpts/tmpfs */ |
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index fced6bccee76..f37418601215 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c | |||
| @@ -2246,39 +2246,6 @@ int security_get_allow_unknown(void) | |||
| 2246 | } | 2246 | } |
| 2247 | 2247 | ||
| 2248 | /** | 2248 | /** |
| 2249 | * security_get_policycaps - Query the loaded policy for its capabilities | ||
| 2250 | * @len: the number of capability bits | ||
| 2251 | * @values: the capability bit array | ||
| 2252 | * | ||
| 2253 | * Description: | ||
| 2254 | * Get an array of the policy capabilities in @values where each entry in | ||
| 2255 | * @values is either true (1) or false (0) depending the policy's support of | ||
| 2256 | * that feature. The policy capabilities are defined by the | ||
| 2257 | * POLICYDB_CAPABILITY_* enums. The size of the array is stored in @len and it | ||
| 2258 | * is up to the caller to free the array in @values. Returns zero on success, | ||
| 2259 | * negative values on failure. | ||
| 2260 | * | ||
| 2261 | */ | ||
| 2262 | int security_get_policycaps(int *len, int **values) | ||
| 2263 | { | ||
| 2264 | int rc = -ENOMEM; | ||
| 2265 | unsigned int iter; | ||
| 2266 | |||
| 2267 | POLICY_RDLOCK; | ||
| 2268 | |||
| 2269 | *values = kcalloc(POLICYDB_CAPABILITY_MAX, sizeof(int), GFP_ATOMIC); | ||
| 2270 | if (*values == NULL) | ||
| 2271 | goto out; | ||
| 2272 | for (iter = 0; iter < POLICYDB_CAPABILITY_MAX; iter++) | ||
| 2273 | (*values)[iter] = ebitmap_get_bit(&policydb.policycaps, iter); | ||
| 2274 | *len = POLICYDB_CAPABILITY_MAX; | ||
| 2275 | |||
| 2276 | out: | ||
| 2277 | POLICY_RDUNLOCK; | ||
| 2278 | return rc; | ||
| 2279 | } | ||
| 2280 | |||
| 2281 | /** | ||
| 2282 | * security_policycap_supported - Check for a specific policy capability | 2249 | * security_policycap_supported - Check for a specific policy capability |
| 2283 | * @req_cap: capability | 2250 | * @req_cap: capability |
| 2284 | * | 2251 | * |