SELinux: Improve read/write performance

[linux-block.git] / security / selinux / include / avc.h

diff --git a/security/selinux/include/avc.h b/security/selinux/include/avc.h
index 6ed10c3d3339baf03cb8e79d0357b078a14427bf..553607a19e92f7e957cb4f5f05fd4f61465fd3d1 100644 (file)
--- a/security/selinux/include/avc.h
+++ b/security/selinux/include/avc.h
@@ -102,14 +102,18 @@ void avc_audit(u32 ssid, u32 tsid,
                u16 tclass, u32 requested,
                struct av_decision *avd, int result, struct avc_audit_data *auditdata);
 
+#define AVC_STRICT 1 /* Ignore permissive mode. */
 int avc_has_perm_noaudit(u32 ssid, u32 tsid,
-                         u16 tclass, u32 requested,
-                         struct av_decision *avd);
+                        u16 tclass, u32 requested,
+                        unsigned flags,
+                        struct av_decision *avd);
 
 int avc_has_perm(u32 ssid, u32 tsid,
                  u16 tclass, u32 requested,
                  struct avc_audit_data *auditdata);
 
+u32 avc_policy_seqno(void);
+
 #define AVC_CALLBACK_GRANT             1
 #define AVC_CALLBACK_TRY_REVOKE                2
 #define AVC_CALLBACK_REVOKE            4