Skip to content

L
linux
Commit dd3e7836 authored by Eric Paris's avatar Eric Paris Committed by James Morris
Browse files
Options

selinux: always call sk_security_struct sksec 

trying to grep everything that messes with a sk_security_struct isn't easy
since we don't always call it sksec.  Just rename everything sksec.
Signed-off-by: default avatarEric Paris <eparis@redhat.com>
Signed-off-by: default avatarJames Morris <jmorris@namei.org>
parent d25d6fa1
Hide whitespace changes
Inline Side-by-side
Showing with 36 additions and 36 deletions
security/selinux/hooks.c
View file @ dd3e7836
...@@ -293,28 +293,28 @@ static void superblock_free_security(struct super_block *sb) ...@@ -293,28 +293,28 @@ static void superblock_free_security(struct super_block *sb)
static int sk_alloc_security(struct sock *sk, int family, gfp_t priority) static int sk_alloc_security(struct sock *sk, int family, gfp_t priority)
{ {
struct sk_security_struct *ssec; struct sk_security_struct *sksec;
ssec = kzalloc(sizeof(*ssec), priority); sksec = kzalloc(sizeof(*sksec), priority);
if (!ssec) if (!sksec)
return -ENOMEM; return -ENOMEM;
ssec->peer_sid = SECINITSID_UNLABELED; sksec->peer_sid = SECINITSID_UNLABELED;
ssec->sid = SECINITSID_UNLABELED; sksec->sid = SECINITSID_UNLABELED;
sk->sk_security = ssec; sk->sk_security = sksec;
selinux_netlbl_sk_security_reset(ssec); selinux_netlbl_sk_security_reset(sksec);
return 0; return 0;
} }
static void sk_free_security(struct sock *sk) static void sk_free_security(struct sock *sk)
{ {
struct sk_security_struct *ssec = sk->sk_security; struct sk_security_struct *sksec = sk->sk_security;
sk->sk_security = NULL; sk->sk_security = NULL;
selinux_netlbl_sk_security_free(ssec); selinux_netlbl_sk_security_free(sksec);
kfree(ssec); kfree(sksec);
} }
/* The security server must be initialized before /* The security server must be initialized before
...@@ -4002,7 +4002,7 @@ static int selinux_socket_unix_stream_connect(struct socket *sock, ...@@ -4002,7 +4002,7 @@ static int selinux_socket_unix_stream_connect(struct socket *sock,
struct socket *other, struct socket *other,
struct sock *newsk) struct sock *newsk)
{ {
struct sk_security_struct *ssec; struct sk_security_struct *sksec;
struct inode_security_struct *isec; struct inode_security_struct *isec;
struct inode_security_struct *other_isec; struct inode_security_struct *other_isec;
struct common_audit_data ad; struct common_audit_data ad;
...@@ -4021,13 +4021,13 @@ static int selinux_socket_unix_stream_connect(struct socket *sock, ...@@ -4021,13 +4021,13 @@ static int selinux_socket_unix_stream_connect(struct socket *sock,
return err; return err;
/* connecting socket */ /* connecting socket */
ssec = sock->sk->sk_security; sksec = sock->sk->sk_security;
ssec->peer_sid = other_isec->sid; sksec->peer_sid = other_isec->sid;
/* server child socket */ /* server child socket */
ssec = newsk->sk_security; sksec = newsk->sk_security;
ssec->peer_sid = isec->sid; sksec->peer_sid = isec->sid;
err = security_sid_mls_copy(other_isec->sid, ssec->peer_sid, &ssec->sid); err = security_sid_mls_copy(other_isec->sid, sksec->peer_sid, &sksec->sid);
return err; return err;
} }
...@@ -4190,7 +4190,7 @@ static int selinux_socket_getpeersec_stream(struct socket *sock, char __user *op ...@@ -4190,7 +4190,7 @@ static int selinux_socket_getpeersec_stream(struct socket *sock, char __user *op
int err = 0; int err = 0;
char *scontext; char *scontext;
u32 scontext_len; u32 scontext_len;
struct sk_security_struct *ssec; struct sk_security_struct *sksec;
struct inode_security_struct *isec; struct inode_security_struct *isec;
u32 peer_sid = SECSID_NULL; u32 peer_sid = SECSID_NULL;
...@@ -4198,8 +4198,8 @@ static int selinux_socket_getpeersec_stream(struct socket *sock, char __user *op ...@@ -4198,8 +4198,8 @@ static int selinux_socket_getpeersec_stream(struct socket *sock, char __user *op
if (isec->sclass == SECCLASS_UNIX_STREAM_SOCKET || if (isec->sclass == SECCLASS_UNIX_STREAM_SOCKET ||
isec->sclass == SECCLASS_TCP_SOCKET) { isec->sclass == SECCLASS_TCP_SOCKET) {
ssec = sock->sk->sk_security; sksec = sock->sk->sk_security;
peer_sid = ssec->peer_sid; peer_sid = sksec->peer_sid;
} }
if (peer_sid == SECSID_NULL) { if (peer_sid == SECSID_NULL) {
err = -ENOPROTOOPT; err = -ENOPROTOOPT;
...@@ -4266,14 +4266,14 @@ static void selinux_sk_free_security(struct sock *sk) ...@@ -4266,14 +4266,14 @@ static void selinux_sk_free_security(struct sock *sk)
static void selinux_sk_clone_security(const struct sock *sk, struct sock *newsk) static void selinux_sk_clone_security(const struct sock *sk, struct sock *newsk)
{ {
struct sk_security_struct *ssec = sk->sk_security; struct sk_security_struct *sksec = sk->sk_security;
struct sk_security_struct *newssec = newsk->sk_security; struct sk_security_struct *newsksec = newsk->sk_security;
newssec->sid = ssec->sid; newsksec->sid = sksec->sid;
newssec->peer_sid = ssec->peer_sid; newsksec->peer_sid = sksec->peer_sid;
newssec->sclass = ssec->sclass; newsksec->sclass = sksec->sclass;
selinux_netlbl_sk_security_reset(newssec); selinux_netlbl_sk_security_reset(newsksec);
} }
static void selinux_sk_getsecid(struct sock *sk, u32 *secid) static void selinux_sk_getsecid(struct sock *sk, u32 *secid)
......
security/selinux/include/netlabel.h
View file @ dd3e7836
...@@ -42,8 +42,8 @@ void selinux_netlbl_cache_invalidate(void); ...@@ -42,8 +42,8 @@ void selinux_netlbl_cache_invalidate(void);
void selinux_netlbl_err(struct sk_buff *skb, int error, int gateway); void selinux_netlbl_err(struct sk_buff *skb, int error, int gateway);
void selinux_netlbl_sk_security_free(struct sk_security_struct *ssec); void selinux_netlbl_sk_security_free(struct sk_security_struct *sksec);
void selinux_netlbl_sk_security_reset(struct sk_security_struct *ssec); void selinux_netlbl_sk_security_reset(struct sk_security_struct *sksec);
int selinux_netlbl_skbuff_getsid(struct sk_buff *skb, int selinux_netlbl_skbuff_getsid(struct sk_buff *skb,
u16 family, u16 family,
...@@ -79,13 +79,13 @@ static inline void selinux_netlbl_err(struct sk_buff *skb, ...@@ -79,13 +79,13 @@ static inline void selinux_netlbl_err(struct sk_buff *skb,
} }
static inline void selinux_netlbl_sk_security_free( static inline void selinux_netlbl_sk_security_free(
struct sk_security_struct *ssec) struct sk_security_struct *sksec)
{ {
return; return;
} }
static inline void selinux_netlbl_sk_security_reset( static inline void selinux_netlbl_sk_security_reset(
struct sk_security_struct *ssec) struct sk_security_struct *sksec)
{ {
return; return;
} }
......
security/selinux/netlabel.c
View file @ dd3e7836
...@@ -131,21 +131,21 @@ void selinux_netlbl_err(struct sk_buff *skb, int error, int gateway) ...@@ -131,21 +131,21 @@ void selinux_netlbl_err(struct sk_buff *skb, int error, int gateway)
/** /**
* selinux_netlbl_sk_security_free - Free the NetLabel fields * selinux_netlbl_sk_security_free - Free the NetLabel fields
* @sssec: the sk_security_struct * @sksec: the sk_security_struct
* *
* Description: * Description:
* Free all of the memory in the NetLabel fields of a sk_security_struct. * Free all of the memory in the NetLabel fields of a sk_security_struct.
* *
*/ */
void selinux_netlbl_sk_security_free(struct sk_security_struct *ssec) void selinux_netlbl_sk_security_free(struct sk_security_struct *sksec)
{ {
if (ssec->nlbl_secattr != NULL) if (sksec->nlbl_secattr != NULL)
netlbl_secattr_free(ssec->nlbl_secattr); netlbl_secattr_free(sksec->nlbl_secattr);
} }
/** /**
* selinux_netlbl_sk_security_reset - Reset the NetLabel fields * selinux_netlbl_sk_security_reset - Reset the NetLabel fields
* @ssec: the sk_security_struct * @sksec: the sk_security_struct
* @family: the socket family * @family: the socket family
* *
* Description: * Description:
...@@ -153,9 +153,9 @@ void selinux_netlbl_sk_security_free(struct sk_security_struct *ssec) ...@@ -153,9 +153,9 @@ void selinux_netlbl_sk_security_free(struct sk_security_struct *ssec)
* The caller is responsibile for all the NetLabel sk_security_struct locking. * The caller is responsibile for all the NetLabel sk_security_struct locking.
* *
*/ */
void selinux_netlbl_sk_security_reset(struct sk_security_struct *ssec) void selinux_netlbl_sk_security_reset(struct sk_security_struct *sksec)
{ {
ssec->nlbl_state = NLBL_UNSET; sksec->nlbl_state = NLBL_UNSET;
} }
/** /**
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7