TOMOYO: Add rest of file operation restrictions.

[net-next-2.6.git] / security / tomoyo / tomoyo.h

diff --git a/security/tomoyo/tomoyo.h b/security/tomoyo/tomoyo.h
index cd6ba0bf7069a98128bdac2d562c9746decdcc6f..fac02655ea4b0cb4141f2855c1020d3eedfff64f 100644 (file)
--- a/security/tomoyo/tomoyo.h
+++ b/security/tomoyo/tomoyo.h
@@ -64,11 +64,19 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm);
 #define TOMOYO_TYPE_TRUNCATE_ACL     12
 #define TOMOYO_TYPE_SYMLINK_ACL      13
 #define TOMOYO_TYPE_REWRITE_ACL      14
-#define TOMOYO_MAX_SINGLE_PATH_OPERATION 15
+#define TOMOYO_TYPE_IOCTL_ACL        15
+#define TOMOYO_TYPE_CHMOD_ACL        16
+#define TOMOYO_TYPE_CHOWN_ACL        17
+#define TOMOYO_TYPE_CHGRP_ACL        18
+#define TOMOYO_TYPE_CHROOT_ACL       19
+#define TOMOYO_TYPE_MOUNT_ACL        20
+#define TOMOYO_TYPE_UMOUNT_ACL       21
+#define TOMOYO_MAX_SINGLE_PATH_OPERATION 22
 
 #define TOMOYO_TYPE_LINK_ACL         0
 #define TOMOYO_TYPE_RENAME_ACL       1
-#define TOMOYO_MAX_DOUBLE_PATH_OPERATION 2
+#define TOMOYO_TYPE_PIVOT_ROOT_ACL   2
+#define TOMOYO_MAX_DOUBLE_PATH_OPERATION 3
 
 #define TOMOYO_DOMAINPOLICY          0
 #define TOMOYO_EXCEPTIONPOLICY       1