From: Stephen Smalley <sds@epoch.ncsc.mil>

This patch extends the SELinux policy engine to support conditional policy
logic based on a set of policy booleans, allowing well-formed changes to
the policy to be defined within and mediated by the policy itself.

The conditional policy extensions were implemented and contributed by
Tresys Technology.

Userland packages that support these extensions are already available from
nsa.gov/selinux, and backward compatibility is provided for the prior
policy version.

The patch also includes a small change to enable detection of the optional
MLS policy model on a SELinux system and fixes to the conditional policy
extensions to allow the MLS policy to work correctly with them that were
implemented and contributed by Trusted Computer Solutions.