Diffstat (limited to 'security/selinux/include/security.h')
-rw-r--r--security/selinux/include/security.h34
1 files changed, 2 insertions, 32 deletions
diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h
index 8d506832927f..36993ad1c067 100644
--- a/security/selinux/include/security.h
+++ b/security/selinux/include/security.h
@@ -35,14 +35,13 @@
#define POLICYDB_VERSION_NEW_OBJECT_DEFAULTS 27
#define POLICYDB_VERSION_DEFAULT_TYPE 28
#define POLICYDB_VERSION_CONSTRAINT_NAMES 29
-#define POLICYDB_VERSION_IOCTL_OPERATIONS 30
/* Range of policy versions we understand*/
#define POLICYDB_VERSION_MIN POLICYDB_VERSION_BASE
#ifdef CONFIG_SECURITY_SELINUX_POLICYDB_VERSION_MAX
#define POLICYDB_VERSION_MAX CONFIG_SECURITY_SELINUX_POLICYDB_VERSION_MAX_VALUE
#else
-#define POLICYDB_VERSION_MAX POLICYDB_VERSION_IOCTL_OPERATIONS
+#define POLICYDB_VERSION_MAX POLICYDB_VERSION_CONSTRAINT_NAMES
#endif
/* Mask for just the mount related flags */
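Review bot: Lowering the default `POLICYDB_VERSION_MAX` to `POLICYDB_VERSION_CONSTRAINT_NAMES` (29) presumably means a kernel carrying this change will refuse a policy already compiled at version 30. The policy loader is not visible on this page, so confirm that userspace rebuilds or downgrades the policy before such a kernel is booted on an enforcing system. The `#ifdef CONFIG_SECURITY_SELINUX_POLICYDB_VERSION_MAX` branch still takes the configured value unchecked, and the Kconfig entry is not shown here, so it is worth verifying that its range cannot yield a value above 29. Because the constant 30 is deleted rather than reserved, a comment next to the version list such as `/* 30 was used by the removed ioctl operations format */` would warn against reusing the number for a different binary layout.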
@@ -110,40 +109,11 @@ struct av_decision {
u32 flags;
};
-#define security_operation_set(perms, x) (perms[x >> 5] |= 1 << (x & 0x1f))
-#define security_operation_test(perms, x) (1 & (perms[x >> 5] >> (x & 0x1f)))
-
-struct operation_perm {
- u32 perms[8];
-};
-
-struct operation_decision {
- u8 type;
- u8 specified;
- struct operation_perm *allowed;
- struct operation_perm *auditallow;
- struct operation_perm *dontaudit;
-};
-
-#define OPERATION_ALLOWED 1
-#define OPERATION_AUDITALLOW 2
-#define OPERATION_DONTAUDIT 4
-#define OPERATION_ALL (OPERATION_ALLOWED | OPERATION_AUDITALLOW |\
- OPERATION_DONTAUDIT)
-struct operation {
- u16 len; /* length of operation decision chain */
- u32 type[8]; /* 256 types */
-};
-
/* definitions of av_decision.flags */
#define AVD_FLAGS_PERMISSIVE 0x0001
void security_compute_av(u32 ssid, u32 tsid,
- u16 tclass, struct av_decision *avd,
- struct operation *ops);
-
-void security_compute_operation(u32 ssid, u32 tsid, u16 tclass,
- u8 type, struct operation_decision *od);
+ u16 tclass, struct av_decision *avd);
void security_compute_av_user(u32 ssid, u32 tsid,
u16 tclass, struct av_decision *avd);
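Review bot: The new `security_compute_av()` prototype has no comment describing its contract, and with `struct operation_decision` and `security_compute_operation()` removed nothing in this header expresses a per-command ioctl decision any more. A one-line comment above the prototype would record this, for example `/* Compute the access vector decision for (ssid, tsid, tclass) into *avd; no per-ioctl-command data is returned. */`. Policies that relied on the removed operation rules would presumably fall back to whatever `struct av_decision` carries, which is worth stating in the commit message for anyone auditing ioctl exposure. The diffstat on this page is limited to this header, so whether the definition and all callers drop the `ops` argument in the same commit cannot be checked here.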