#include <linux/spinlock.h>
#include <linux/init.h>
#include <linux/in6.h>
+#include <linux/path.h>
#include <asm/system.h>
#include "flask.h"
#include "av_permissions.h"
struct avc_entry;
struct task_struct;
-struct vfsmount;
-struct dentry;
struct inode;
struct sock;
struct sk_buff;
struct task_struct *tsk;
union {
struct {
- struct vfsmount *mnt;
- struct dentry *dentry;
+ struct path path;
struct inode *inode;
} fs;
struct {
- char *netif;
+ int netif;
struct sock *sk;
u16 family;
__be16 dport;
u16 tclass, u32 requested,
struct av_decision *avd, int result, struct avc_audit_data *auditdata);
+#define AVC_STRICT 1 /* Ignore permissive mode. */
int avc_has_perm_noaudit(u32 ssid, u32 tsid,
- u16 tclass, u32 requested,
- struct av_decision *avd);
+ u16 tclass, u32 requested,
+ unsigned flags,
+ struct av_decision *avd);
int avc_has_perm(u32 ssid, u32 tsid,
u16 tclass, u32 requested,
struct avc_audit_data *auditdata);
+u32 avc_policy_seqno(void);
+
#define AVC_CALLBACK_GRANT 1
#define AVC_CALLBACK_TRY_REVOKE 2
#define AVC_CALLBACK_REVOKE 4