Merge branch 'x86/urgent' into core/efi, to pick up a pending EFI fix

Signed-off-by: Ingo Molnar <mingo@kernel.org>
author: Ingo Molnar <mingo@kernel.org> 2015-10-14 16:05:18 +0200
committer: Ingo Molnar <mingo@kernel.org> 2015-10-14 16:05:18 +0200
commit: c7d77a7980e434c3af17de19e3348157f9b9ccce (patch)
tree: b32c5988ce8239b80c83e94c22d68f5eb0fb84da /security/selinux/include/avc.h
parent: 0ce423b6492a02be11662bfaa837dd16945aad3e (diff)
parent: 8a53554e12e98d1759205afd7b8e9e2ea0936f48 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/security/selinux/include/avc.h b/security/selinux/include/avc.h
index 5973c327c54e..0999df03af8b 100644
--- a/security/selinux/include/avc.h
+++ b/security/selinux/include/avc.h
@@ -143,6 +143,7 @@ static inline int avc_audit(u32 ssid, u32 tsid,
 }
 
 #define AVC_STRICT 1 /* Ignore permissive mode. */
+#define AVC_EXTENDED_PERMS 2	/* update extended permissions */
 int avc_has_perm_noaudit(u32 ssid, u32 tsid,
 			 u16 tclass, u32 requested,
 			 unsigned flags,
@@ -156,6 +157,10 @@ int avc_has_perm_flags(u32 ssid, u32 tsid,
 		       struct common_audit_data *auditdata,
 		       int flags);
 
+int avc_has_extended_perms(u32 ssid, u32 tsid, u16 tclass, u32 requested,
+		u8 driver, u8 perm, struct common_audit_data *ad);
+
+
 u32 avc_policy_seqno(void);
 
 #define AVC_CALLBACK_GRANT		1
@@ -166,6 +171,7 @@ u32 avc_policy_seqno(void);
 #define AVC_CALLBACK_AUDITALLOW_DISABLE	32
 #define AVC_CALLBACK_AUDITDENY_ENABLE	64
 #define AVC_CALLBACK_AUDITDENY_DISABLE	128
+#define AVC_CALLBACK_ADD_XPERMS		256
 
 int avc_add_callback(int (*callback)(u32 event), u32 events);
author	Ingo Molnar <mingo@kernel.org>	2015-10-14 16:05:18 +0200
committer	Ingo Molnar <mingo@kernel.org>	2015-10-14 16:05:18 +0200
commit	c7d77a7980e434c3af17de19e3348157f9b9ccce (patch)
tree	b32c5988ce8239b80c83e94c22d68f5eb0fb84da /security/selinux/include/avc.h
parent	0ce423b6492a02be11662bfaa837dd16945aad3e (diff)
parent	8a53554e12e98d1759205afd7b8e9e2ea0936f48 (diff)