selinux: wrap AVC state

Wrap the AVC state within the selinux_state structure and pass it explicitly to all AVC functions. The AVC private state is encapsulated in a selinux_avc structure that is referenced from the selinux_state. This change should have no effect on SELinux behavior or APIs (userspace or LSM). Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Reviewed-by: James Morris <james.morris@microsoft.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
author: Stephen Smalley <sds@tycho.nsa.gov> 2018-03-05 11:47:56 -0500
committer: Paul Moore <paul@paul-moore.com> 2018-03-20 16:58:17 -0400
commit: 6b6bc6205d98796361962ee282a063f18ba8dc57 (patch)
tree: b9e6f6492606000e1d8826b4eb2c882726c61722 /security/selinux/include/avc_ss.h
parent: selinux: wrap selinuxfs state (diff)
download: wireguard-linux-6b6bc6205d98796361962ee282a063f18ba8dc57.tar.xz
wireguard-linux-6b6bc6205d98796361962ee282a063f18ba8dc57.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/security/selinux/include/avc_ss.h b/security/selinux/include/avc_ss.h
index 4e2a44d0ae66..88c384c5c09e 100644
--- a/security/selinux/include/avc_ss.h
+++ b/security/selinux/include/avc_ss.h
@@ -9,7 +9,8 @@
 
 #include "flask.h"
 
-int avc_ss_reset(u32 seqno);
+struct selinux_avc;
+int avc_ss_reset(struct selinux_avc *avc, u32 seqno);
 
 /* Class/perm mapping support */
 struct security_class_mapping {
author	Stephen Smalley <sds@tycho.nsa.gov>	2018-03-05 11:47:56 -0500
committer	Paul Moore <paul@paul-moore.com>	2018-03-20 16:58:17 -0400
commit	6b6bc6205d98796361962ee282a063f18ba8dc57 (patch)
tree	b9e6f6492606000e1d8826b4eb2c882726c61722 /security/selinux/include/avc_ss.h
parent	selinux: wrap selinuxfs state (diff)
download	wireguard-linux-6b6bc6205d98796361962ee282a063f18ba8dc57.tar.xz wireguard-linux-6b6bc6205d98796361962ee282a063f18ba8dc57.zip