This patchset modifies libselinux to include the vm object class and the
entrypoint permission for use with the userspace qemu SELinux code.
Index: src/selinux/libselinux/include/selinux/av_permissions.h
===================================================================
--- src.orig/selinux/libselinux/include/selinux/av_permissions.h
2007-07-14 23:55:36.000000000 -0400
+++ src/selinux/libselinux/include/selinux/av_permissions.h 2007-07-15
00:18:59.000000000 -0400
@@ -897,3 +897,4 @@
#define KEY__CREATE 0x00000040UL
#define CONTEXT__TRANSLATE 0x00000001UL
#define CONTEXT__CONTAINS 0x00000002UL
+#define VM__ENTRYPOINT 0x00000001UL
Index: src/selinux/libselinux/include/selinux/flask.h
===================================================================
--- src.orig/selinux/libselinux/include/selinux/flask.h 2007-07-14
23:55:36.000000000 -0400
+++ src/selinux/libselinux/include/selinux/flask.h 2007-07-15
00:55:14.000000000 -0400
@@ -64,6 +64,7 @@
#define SECCLASS_PACKET 57
#define SECCLASS_KEY 58
#define SECCLASS_CONTEXT 59
+#define SECCLASS_VM 60
/*
* Security identifier indices for initial entities
Index: src/selinux/libselinux/src/class_to_string.h
===================================================================
--- src.orig/selinux/libselinux/src/class_to_string.h 2007-07-14
23:55:36.000000000 -0400
+++ src/selinux/libselinux/src/class_to_string.h 2007-07-15
00:18:59.000000000 -0400
@@ -62,3 +62,4 @@
S_("packet")
S_("key")
S_("context")
+ S_("vm")
Index: src/selinux/libselinux/src/av_perm_to_string.h
===================================================================
--- src.orig/selinux/libselinux/src/av_perm_to_string.h 2007-07-14
23:55:36.000000000 -0400
+++ src/selinux/libselinux/src/av_perm_to_string.h 2007-07-15
00:57:10.000000000 -0400
@@ -267,3 +267,4 @@
S_(SECCLASS_KEY, KEY__CREATE, "create")
S_(SECCLASS_CONTEXT, CONTEXT__TRANSLATE, "translate")
S_(SECCLASS_CONTEXT, CONTEXT__CONTAINS, "contains")
+ S_(SECCLASS_VM, VM__ENTRYPOINT, "entrypoint")
