summaryrefslogtreecommitdiff
path: root/security/selinux/ss/services.h
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2022-12-13 20:32:05 +0300
committerLinus Torvalds <torvalds@linux-foundation.org>2022-12-13 20:32:05 +0300
commit57888f7b952d3f2696f82a701f1b3d9de7e346d3 (patch)
tree431172a2adad36b038c0782773009dbf49494826 /security/selinux/ss/services.h
parentbbdf4d54618ca1d4af304eab6631d68fd2d6ce39 (diff)
parent048be156491ff1aeb0fe5ff0862644d38cd39015 (diff)
downloadlinux-57888f7b952d3f2696f82a701f1b3d9de7e346d3.tar.xz
Merge tag 'selinux-pr-20221212' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux
Pull selinux updates from Paul Moore: "Two SELinux patches: one increases the sleep time on deprecated functionality, and one removes the indirect calls in the sidtab context conversion code" * tag 'selinux-pr-20221212' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux: selinux: remove the sidtab context conversion indirect calls selinux: increase the deprecation sleep for checkreqprot and runtime disable
Diffstat (limited to 'security/selinux/ss/services.h')
-rw-r--r--security/selinux/ss/services.h15
1 files changed, 12 insertions, 3 deletions
diff --git a/security/selinux/ss/services.h b/security/selinux/ss/services.h
index 9555ad074303..c4301626487f 100644
--- a/security/selinux/ss/services.h
+++ b/security/selinux/ss/services.h
@@ -29,10 +29,19 @@ struct selinux_policy {
u32 latest_granting;
} __randomize_layout;
-void services_compute_xperms_drivers(struct extended_perms *xperms,
- struct avtab_node *node);
+struct convert_context_args {
+ struct selinux_state *state;
+ struct policydb *oldp;
+ struct policydb *newp;
+};
+void services_compute_xperms_drivers(struct extended_perms *xperms,
+ struct avtab_node *node);
void services_compute_xperms_decision(struct extended_perms_decision *xpermd,
- struct avtab_node *node);
+ struct avtab_node *node);
+
+int services_convert_context(struct convert_context_args *args,
+ struct context *oldc, struct context *newc,
+ gfp_t gfp_flags);
#endif /* _SS_SERVICES_H_ */