diff options
author | Richard Haines <richard_c_haines@btinternet.com> | 2013-11-19 17:34:23 -0500 |
---|---|---|
committer | Brett Rogers <brettrogers11@gmail.com> | 2015-11-07 23:28:42 -0800 |
commit | e186fbacd6b7663536b3fc3cdc91fcccb25404d0 (patch) | |
tree | aa61be4f94cf9410e6b5fe5cc7ee37c51e2be9cd /security/selinux/ss/policydb.h | |
parent | 2e85a7bc765134be125037bb44130620002cb2c3 (diff) | |
download | kernel_samsung_smdk4412-e186fbacd6b7663536b3fc3cdc91fcccb25404d0.zip kernel_samsung_smdk4412-e186fbacd6b7663536b3fc3cdc91fcccb25404d0.tar.gz kernel_samsung_smdk4412-e186fbacd6b7663536b3fc3cdc91fcccb25404d0.tar.bz2 |
SELinux: Update policy version to support constraints info
Update the policy version (POLICYDB_VERSION_CONSTRAINT_NAMES) to allow
holding of policy source info for constraints.
Upstream commit a660bec1d84ad19a39e380af129e207b3b8f609e
Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Paul Moore <pmoore@redhat.com>
Change-Id: If419c7bfdea2f7006c9a62ea595f0cbfe5c78871
Diffstat (limited to 'security/selinux/ss/policydb.h')
-rw-r--r-- | security/selinux/ss/policydb.h | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/security/selinux/ss/policydb.h b/security/selinux/ss/policydb.h index da63747..725d594 100644 --- a/security/selinux/ss/policydb.h +++ b/security/selinux/ss/policydb.h @@ -154,6 +154,17 @@ struct cond_bool_datum { struct cond_node; /* + * type set preserves data needed to determine constraint info from + * policy source. This is not used by the kernel policy but allows + * utilities such as audit2allow to determine constraint denials. + */ +struct type_set { + struct ebitmap types; + struct ebitmap negset; + u32 flags; +}; + +/* * The configuration data includes security contexts for * initial SIDs, unlabeled file systems, TCP and UDP port numbers, * network interfaces, and nodes. This structure stores the |