aboutsummaryrefslogtreecommitdiff
path: root/security/selinux/include/classmap.h
diff options
context:
space:
mode:
Diffstat (limited to 'security/selinux/include/classmap.h')
-rw-r--r--security/selinux/include/classmap.h6
1 files changed, 6 insertions, 0 deletions
diff --git a/security/selinux/include/classmap.h b/security/selinux/include/classmap.h
index 1f1f4b2f6018..13ae49b0baa0 100644
--- a/security/selinux/include/classmap.h
+++ b/security/selinux/include/classmap.h
@@ -1,3 +1,5 @@
+#include <linux/capability.h>
+
#define COMMON_FILE_SOCK_PERMS "ioctl", "read", "write", "create", \
"getattr", "setattr", "lock", "relabelfrom", "relabelto", "append"
@@ -24,6 +26,10 @@
#define COMMON_CAP2_PERMS "mac_override", "mac_admin", "syslog", \
"wake_alarm", "block_suspend", "audit_read"
+#if CAP_LAST_CAP > CAP_AUDIT_READ
+#error New capability defined, please update COMMON_CAP2_PERMS.
+#endif
+
/*
* Note: The name for any socket class should be suffixed by "socket",
* and doesn't contain more than one substr of "socket".
Powered by cgit, Gruvboxed by Blaster4385.