summaryrefslogtreecommitdiffstats
path: root/security/selinux/include/security.h
diff options
context:
space:
mode:
Diffstat (limited to 'security/selinux/include/security.h')
-rw-r--r--security/selinux/include/security.h12
1 files changed, 12 insertions, 0 deletions
diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h
index a39f9565d80b..d6036c018cf2 100644
--- a/security/selinux/include/security.h
+++ b/security/selinux/include/security.h
@@ -79,6 +79,7 @@ enum {
POLICYDB_CAPABILITY_ALWAYSNETWORK,
POLICYDB_CAPABILITY_CGROUPSECLABEL,
POLICYDB_CAPABILITY_NNP_NOSUID_TRANSITION,
+ POLICYDB_CAPABILITY_GENFS_SECLABEL_SYMLINKS,
__POLICYDB_CAPABILITY_MAX
};
#define POLICYDB_CAPABILITY_MAX (__POLICYDB_CAPABILITY_MAX - 1)
@@ -108,6 +109,10 @@ struct selinux_state {
bool checkreqprot;
bool initialized;
bool policycap[__POLICYDB_CAPABILITY_MAX];
+
+ struct page *status_page;
+ struct mutex status_lock;
+
struct selinux_avc *avc;
struct selinux_ss *ss;
} __randomize_layout;
@@ -209,6 +214,13 @@ static inline bool selinux_policycap_nnp_nosuid_transition(void)
return state->policycap[POLICYDB_CAPABILITY_NNP_NOSUID_TRANSITION];
}
+static inline bool selinux_policycap_genfs_seclabel_symlinks(void)
+{
+ struct selinux_state *state = &selinux_state;
+
+ return state->policycap[POLICYDB_CAPABILITY_GENFS_SECLABEL_SYMLINKS];
+}
+
int security_mls_enabled(struct selinux_state *state);
int security_load_policy(struct selinux_state *state,
void *data, size_t len);
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-23 07:55:41 +0100