summaryrefslogtreecommitdiffstats
path: root/include/linux/selinux.h
diff options
context:
space:
mode:
authorEric Paris <eparis@redhat.com>2009-09-12 22:54:10 -0400
committerJames Morris <jmorris@namei.org>2009-09-14 12:34:07 +1000
commited868a56988464cd31de0302426a5e94d3127f10 (patch)
treecdcd1715445aa19051b6a9a671b39250a449333a /include/linux/selinux.h
parent86d710146fb9975f04c505ec78caa43d227c1018 (diff)
downloadlinux-ed868a56988464cd31de0302426a5e94d3127f10.tar.gz
linux-ed868a56988464cd31de0302426a5e94d3127f10.tar.bz2
linux-ed868a56988464cd31de0302426a5e94d3127f10.zip
Creds: creds->security can be NULL is selinux is disabled
__validate_process_creds should check if selinux is actually enabled before running tests on the selinux portion of the credentials struct. Signed-off-by: Eric Paris <eparis@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'include/linux/selinux.h')
-rw-r--r--include/linux/selinux.h9
1 files changed, 9 insertions, 0 deletions
diff --git a/include/linux/selinux.h b/include/linux/selinux.h
index 20f965d4b041..223d06a6feb1 100644
--- a/include/linux/selinux.h
+++ b/include/linux/selinux.h
@@ -61,6 +61,11 @@ void selinux_secmark_refcount_inc(void);
* existing SECMARK targets has been removed/flushed.
*/
void selinux_secmark_refcount_dec(void);
+
+/**
+ * selinux_is_enabled - is SELinux enabled?
+ */
+bool selinux_is_enabled(void);
#else
static inline int selinux_string_to_sid(const char *str, u32 *sid)
@@ -84,6 +89,10 @@ static inline void selinux_secmark_refcount_dec(void)
return;
}
+static bool selinux_is_enabled(void)
+{
+ return false;
+}
#endif /* CONFIG_SECURITY_SELINUX */
#endif /* _LINUX_SELINUX_H */