diff options
Diffstat (limited to 'security/selinux/ss/context.h')
-rw-r--r-- | security/selinux/ss/context.h | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/security/selinux/ss/context.h b/security/selinux/ss/context.h index 0562bac..2eee0da 100644 --- a/security/selinux/ss/context.h +++ b/security/selinux/ss/context.h @@ -55,6 +55,29 @@ out: return rc; } +/* + * Sets both levels in the MLS range of 'dst' to the low level of 'src'. + */ +static inline int mls_context_cpy_low(struct context *dst, struct context *src) +{ + int rc; + + if (!selinux_mls_enabled) + return 0; + + dst->range.level[0].sens = src->range.level[0].sens; + rc = ebitmap_cpy(&dst->range.level[0].cat, &src->range.level[0].cat); + if (rc) + goto out; + + dst->range.level[1].sens = src->range.level[0].sens; + rc = ebitmap_cpy(&dst->range.level[1].cat, &src->range.level[0].cat); + if (rc) + ebitmap_destroy(&dst->range.level[0].cat); +out: + return rc; +} + static inline int mls_context_cmp(struct context *c1, struct context *c2) { if (!selinux_mls_enabled) |