1 files changed, 23 insertions, 0 deletions
diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h
index 1f7c2491d3dc..671273eb1115 100644
--- a/security/selinux/include/security.h
+++ b/security/selinux/include/security.h
@@ -9,6 +9,7 @@
 #define _SELINUX_SECURITY_H_
 #include <linux/magic.h>
+#include <linux/types.h>
 #include "flask.h"
 #define SECSID_NULL                     0x00000000 /* unspecified SID */
@@ -82,6 +83,8 @@ extern int selinux_policycap_openperm;
 int security_mls_enabled(void);
 int security_load_policy(void *data, size_t len);
+int security_read_policy(void **data, ssize_t *len);
+size_t security_policydb_len(void);
 int security_policycap_supported(unsigned int req_cap);
@@ -191,5 +194,25 @@ static inline int security_netlbl_sid_to_secattr(u32 sid,
 const char *security_get_initial_sid_context(u32 sid);
+/*
+ * status notifier using mmap interface
+ */
+extern struct page *selinux_kernel_status_page(void);
+#define SELINUX_KERNEL_STATUS_VERSION   1
+struct selinux_kernel_status {
+        u32     version;        /* version number of thie structure */
+        u32     sequence;       /* sequence number of seqlock logic */
+        u32     enforcing;      /* current setting of enforcing mode */
+        u32     policyload;     /* times of policy reloaded */
+        u32     deny_unknown;   /* current setting of deny_unknown */
+        /*
+         * The version > 0 supports above members.
+         */
+} __attribute__((packed));
+extern void selinux_status_update_setenforce(int enforcing);
+extern void selinux_status_update_policyload(int seqno);
 #endif /* _SELINUX_SECURITY_H_ */

diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h index 1f7c2491d3dc..671273eb1115 100644 --- a/security/selinux/include/security.h +++ b/security/selinux/include/security.h
@@ -9,6 +9,7 @@
9	#define _SELINUX_SECURITY_H_	9	#define _SELINUX_SECURITY_H_
10		10
11	#include <linux/magic.h>	11	#include <linux/magic.h>
		12	#include <linux/types.h>
12	#include "flask.h"	13	#include "flask.h"
13		14
14	#define SECSID_NULL 0x00000000 /* unspecified SID */	15	#define SECSID_NULL 0x00000000 /* unspecified SID */
@@ -82,6 +83,8 @@ extern int selinux_policycap_openperm;
82	int security_mls_enabled(void);	83	int security_mls_enabled(void);
83		84
84	int security_load_policy(void *data, size_t len);	85	int security_load_policy(void *data, size_t len);
		86	int security_read_policy(void *data, ssize_t len);
		87	size_t security_policydb_len(void);
85		88
86	int security_policycap_supported(unsigned int req_cap);	89	int security_policycap_supported(unsigned int req_cap);
87		90
@@ -191,5 +194,25 @@ static inline int security_netlbl_sid_to_secattr(u32 sid,
191		194
192	const char *security_get_initial_sid_context(u32 sid);	195	const char *security_get_initial_sid_context(u32 sid);
193		196
		197	/*
		198	* status notifier using mmap interface
		199	*/
		200	extern struct page *selinux_kernel_status_page(void);
		201
		202	#define SELINUX_KERNEL_STATUS_VERSION 1
		203	struct selinux_kernel_status {
		204	u32 version; /* version number of thie structure */
		205	u32 sequence; /* sequence number of seqlock logic */
		206	u32 enforcing; /* current setting of enforcing mode */
		207	u32 policyload; /* times of policy reloaded */
		208	u32 deny_unknown; /* current setting of deny_unknown */
		209	/*
		210	* The version > 0 supports above members.
		211	*/
		212	} __attribute__((packed));
		213
		214	extern void selinux_status_update_setenforce(int enforcing);
		215	extern void selinux_status_update_policyload(int seqno);
		216
194	#endif /* _SELINUX_SECURITY_H_ */	217	#endif /* _SELINUX_SECURITY_H_ */
195		218