From 0719aaf5ead7555b7b7a4a080ebf2826a871384e Mon Sep 17 00:00:00 2001
From: Guido Trentalancia <guido@trentalancia.com>
Date: Wed, 3 Feb 2010 16:40:20 +0100
Subject: selinux: allow MLS->non-MLS and vice versa upon policy reload

Allow runtime switching between different policy types (e.g. from a MLS/MCS
policy to a non-MLS/non-MCS policy or viceversa).

Signed-off-by: Guido Trentalancia <guido@trentalancia.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
---
 security/selinux/include/security.h | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'security/selinux/include/security.h')

diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h
index 022cf067aa3f..1f7c2491d3dc 100644
--- a/security/selinux/include/security.h
+++ b/security/selinux/include/security.h
@@ -57,7 +57,6 @@
 struct netlbl_lsm_secattr;
 
 extern int selinux_enabled;
-extern int selinux_mls_enabled;
 
 /* Policy capabilities */
 enum {
@@ -80,6 +79,8 @@ extern int selinux_policycap_openperm;
 /* limitation of boundary depth  */
 #define POLICYDB_BOUNDS_MAXDEPTH	4
 
+int security_mls_enabled(void);
+
 int security_load_policy(void *data, size_t len);
 
 int security_policycap_supported(unsigned int req_cap);
-- 
cgit v1.2.3-59-g8ed1b