Add additional Flask definitions to support the new peer object class.
---
security/selinux/include/av_perm_to_string.h |3 +++
security/selinux/include/av_permissions.h|3 +++
security/selinux/include/class_to_string.h |7 +++
security/selinux/include/flask.h |1 +
4 files changed, 14 insertions(+), 0 deletions(-)
diff --git a/security/selinux/include/av_perm_to_string.h
b/security/selinux/include/av_perm_to_string.h
index 049bf69..1d56a6a 100644
--- a/security/selinux/include/av_perm_to_string.h
+++ b/security/selinux/include/av_perm_to_string.h
@@ -159,3 +159,6 @@
S_(SECCLASS_DCCP_SOCKET, DCCP_SOCKET__NODE_BIND, node_bind)
S_(SECCLASS_DCCP_SOCKET, DCCP_SOCKET__NAME_CONNECT, name_connect)
S_(SECCLASS_MEMPROTECT, MEMPROTECT__MMAP_ZERO, mmap_zero)
+ S_(SECCLASS_PEER, PEER__FLOW_IN, flow_in)
+ S_(SECCLASS_PEER, PEER__FLOW_OUT, flow_out)
+ S_(SECCLASS_PEER, PEER__RECV, recv)
diff --git a/security/selinux/include/av_permissions.h
b/security/selinux/include/av_permissions.h
index eda89a2..95d4674 100644
--- a/security/selinux/include/av_permissions.h
+++ b/security/selinux/include/av_permissions.h
@@ -824,3 +824,6 @@
#define DCCP_SOCKET__NODE_BIND0x0040UL
#define DCCP_SOCKET__NAME_CONNECT 0x0080UL
#define MEMPROTECT__MMAP_ZERO 0x0001UL
+#define PEER__FLOW_IN 0x0001UL
+#define PEER__FLOW_OUT0x0002UL
+#define PEER__RECV0x0004UL
diff --git a/security/selinux/include/class_to_string.h
b/security/selinux/include/class_to_string.h
index e77de0e..b1b0d1d 100644
--- a/security/selinux/include/class_to_string.h
+++ b/security/selinux/include/class_to_string.h
@@ -64,3 +64,10 @@
S_(NULL)
S_(dccp_socket)
S_(memprotect)
+S_(NULL)
+S_(NULL)
+S_(NULL)
+S_(NULL)
+S_(NULL)
+S_(NULL)
+S_(peer)
diff --git a/security/selinux/include/flask.h b/security/selinux/include/flask.h
index a9c2b20..09e9dd2 100644
--- a/security/selinux/include/flask.h
+++ b/security/selinux/include/flask.h
@@ -50,6 +50,7 @@
#define SECCLASS_KEY 58
#define SECCLASS_DCCP_SOCKET 60
#define SECCLASS_MEMPROTECT 61
+#define SECCLASS_PEER68
/*
* Security identifier indices for initial entities
-
To unsubscribe from this list: send the line unsubscribe
linux-security-module in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html