This patch replaces the original experimental Multi-Level Security (MLS)
implementation in SELinux with an enhanced MLS implementation contributed
by Trusted Computer Solutions (TCS).

The enhanced MLS implementation replaces the hardcoded MLS logic with a
flexible constraint-based system and replaces the compile-time option for
MLS support with a policy load-time enable based on whether MLS support was
enabled in the policy when it was built.

The latter change allows a single kernel and policy toolchain to support
both MLS and non-MLS policies.  Compatibility is still provided as usual
for existing policies.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@redhat.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>