/* SPDX-License-Identifier: GPL-2.0 */ /* * A constraint is a condition that must be satisfied in * order for one or more permissions to be granted. * Constraints are used to impose additional restrictions * beyond the type-based rules in `te' or the role-based * transition rules in `rbac'. Constraints are typically * used to prevent a process from transitioning to a new user * identity or role unless it is in a privileged type. * Constraints are likewise typically used to prevent a * process from labeling an object with a different user * identity. * * Author : Stephen Smalley, <[email protected]> */ #ifndef _SS_CONSTRAINT_H_ #define _SS_CONSTRAINT_H_ #include "ebitmap.h" #define CEXPR_MAXDEPTH … struct constraint_expr { … }; struct constraint_node { … }; #endif /* _SS_CONSTRAINT_H_ */
Codebase Browser
linux