diff options
Diffstat (limited to 'security')
-rw-r--r-- | security/selinux/include/security.h | 1 | ||||
-rw-r--r-- | security/selinux/ss/services.c | 33 |
2 files changed, 0 insertions, 34 deletions
diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h index 23137c17f917..837ce420d2f6 100644 --- a/security/selinux/include/security.h +++ b/security/selinux/include/security.h | |||
@@ -107,7 +107,6 @@ int security_get_classes(char ***classes, int *nclasses); | |||
107 | int security_get_permissions(char *class, char ***perms, int *nperms); | 107 | int security_get_permissions(char *class, char ***perms, int *nperms); |
108 | int security_get_reject_unknown(void); | 108 | int security_get_reject_unknown(void); |
109 | int security_get_allow_unknown(void); | 109 | int security_get_allow_unknown(void); |
110 | int security_get_policycaps(int *len, int **values); | ||
111 | 110 | ||
112 | #define SECURITY_FS_USE_XATTR 1 /* use xattr */ | 111 | #define SECURITY_FS_USE_XATTR 1 /* use xattr */ |
113 | #define SECURITY_FS_USE_TRANS 2 /* use transition SIDs, e.g. devpts/tmpfs */ | 112 | #define SECURITY_FS_USE_TRANS 2 /* use transition SIDs, e.g. devpts/tmpfs */ |
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index fced6bccee76..f37418601215 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c | |||
@@ -2246,39 +2246,6 @@ int security_get_allow_unknown(void) | |||
2246 | } | 2246 | } |
2247 | 2247 | ||
2248 | /** | 2248 | /** |
2249 | * security_get_policycaps - Query the loaded policy for its capabilities | ||
2250 | * @len: the number of capability bits | ||
2251 | * @values: the capability bit array | ||
2252 | * | ||
2253 | * Description: | ||
2254 | * Get an array of the policy capabilities in @values where each entry in | ||
2255 | * @values is either true (1) or false (0) depending the policy's support of | ||
2256 | * that feature. The policy capabilities are defined by the | ||
2257 | * POLICYDB_CAPABILITY_* enums. The size of the array is stored in @len and it | ||
2258 | * is up to the caller to free the array in @values. Returns zero on success, | ||
2259 | * negative values on failure. | ||
2260 | * | ||
2261 | */ | ||
2262 | int security_get_policycaps(int *len, int **values) | ||
2263 | { | ||
2264 | int rc = -ENOMEM; | ||
2265 | unsigned int iter; | ||
2266 | |||
2267 | POLICY_RDLOCK; | ||
2268 | |||
2269 | *values = kcalloc(POLICYDB_CAPABILITY_MAX, sizeof(int), GFP_ATOMIC); | ||
2270 | if (*values == NULL) | ||
2271 | goto out; | ||
2272 | for (iter = 0; iter < POLICYDB_CAPABILITY_MAX; iter++) | ||
2273 | (*values)[iter] = ebitmap_get_bit(&policydb.policycaps, iter); | ||
2274 | *len = POLICYDB_CAPABILITY_MAX; | ||
2275 | |||
2276 | out: | ||
2277 | POLICY_RDUNLOCK; | ||
2278 | return rc; | ||
2279 | } | ||
2280 | |||
2281 | /** | ||
2282 | * security_policycap_supported - Check for a specific policy capability | 2249 | * security_policycap_supported - Check for a specific policy capability |
2283 | * @req_cap: capability | 2250 | * @req_cap: capability |
2284 | * | 2251 | * |