2606fd1fa5
Right now secmark has lots of direct selinux calls. Use all LSM calls and remove all SELinux specific knowledge. The only SELinux specific knowledge we leave is the mode. The only point is to make sure that other LSMs at least test this generic code before they assume it works. (They may also have to make changes if they do not represent labels as strings) Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Paul Moore <paul.moore@hp.com> Acked-by: Patrick McHardy <kaber@trash.net> Signed-off-by: James Morris <jmorris@namei.org>
35 lines
910 B
C
35 lines
910 B
C
/*
|
|
* SELinux services exported to the rest of the kernel.
|
|
*
|
|
* Author: James Morris <jmorris@redhat.com>
|
|
*
|
|
* Copyright (C) 2005 Red Hat, Inc., James Morris <jmorris@redhat.com>
|
|
* Copyright (C) 2006 Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com>
|
|
* Copyright (C) 2006 IBM Corporation, Timothy R. Chavez <tinytim@us.ibm.com>
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License version 2,
|
|
* as published by the Free Software Foundation.
|
|
*/
|
|
#ifndef _LINUX_SELINUX_H
|
|
#define _LINUX_SELINUX_H
|
|
|
|
struct selinux_audit_rule;
|
|
struct audit_context;
|
|
struct kern_ipc_perm;
|
|
|
|
#ifdef CONFIG_SECURITY_SELINUX
|
|
|
|
/**
|
|
* selinux_is_enabled - is SELinux enabled?
|
|
*/
|
|
bool selinux_is_enabled(void);
|
|
#else
|
|
|
|
static inline bool selinux_is_enabled(void)
|
|
{
|
|
return false;
|
|
}
|
|
#endif /* CONFIG_SECURITY_SELINUX */
|
|
|
|
#endif /* _LINUX_SELINUX_H */
|