From 937bf6133b21b16965f75223085f4314ae32b8eb Mon Sep 17 00:00:00 2001
From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Date: Wed, 2 Dec 2009 21:09:48 +0900
Subject: TOMOYO: Add rest of file operation restrictions.

LSM hooks for chmod()/chown()/chroot() are now ready.
This patch utilizes these hooks.

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
---
 security/tomoyo/tomoyo.h | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

(limited to 'security/tomoyo/tomoyo.h')

diff --git a/security/tomoyo/tomoyo.h b/security/tomoyo/tomoyo.h
index cd6ba0bf706..fac02655ea4 100644
--- a/security/tomoyo/tomoyo.h
+++ b/security/tomoyo/tomoyo.h
@@ -64,11 +64,19 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm);
 #define TOMOYO_TYPE_TRUNCATE_ACL     12
 #define TOMOYO_TYPE_SYMLINK_ACL      13
 #define TOMOYO_TYPE_REWRITE_ACL      14
-#define TOMOYO_MAX_SINGLE_PATH_OPERATION 15
+#define TOMOYO_TYPE_IOCTL_ACL        15
+#define TOMOYO_TYPE_CHMOD_ACL        16
+#define TOMOYO_TYPE_CHOWN_ACL        17
+#define TOMOYO_TYPE_CHGRP_ACL        18
+#define TOMOYO_TYPE_CHROOT_ACL       19
+#define TOMOYO_TYPE_MOUNT_ACL        20
+#define TOMOYO_TYPE_UMOUNT_ACL       21
+#define TOMOYO_MAX_SINGLE_PATH_OPERATION 22
 
 #define TOMOYO_TYPE_LINK_ACL         0
 #define TOMOYO_TYPE_RENAME_ACL       1
-#define TOMOYO_MAX_DOUBLE_PATH_OPERATION 2
+#define TOMOYO_TYPE_PIVOT_ROOT_ACL   2
+#define TOMOYO_MAX_DOUBLE_PATH_OPERATION 3
 
 #define TOMOYO_DOMAINPOLICY          0
 #define TOMOYO_EXCEPTIONPOLICY       1
-- 
cgit v1.2.3