diff options
| author | Florian Westphal <fw@strlen.de> | 2015-10-13 08:33:26 -0400 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2015-10-16 12:21:39 -0400 |
| commit | 2ffbceb2b08f8ca0496c54a9ebcd11d25275954e (patch) | |
| tree | f4da28636d8583f4817b4e374c8e78eba2b822b5 /security/selinux/hooks.c | |
| parent | 8cbc870829ecd8f1062f2a756683c80e2d1eae7f (diff) | |
netfilter: remove hook owner refcounting
since commit 8405a8fff3f8 ("netfilter: nf_qeueue: Drop queue entries on
nf_unregister_hook") all pending queued entries are discarded.
So we can simply remove all of the owner handling -- when module is
removed it also needs to unregister all its hooks.
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'security/selinux/hooks.c')
| -rw-r--r-- | security/selinux/hooks.c | 5 |
1 files changed, 0 insertions, 5 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 64340160f4ac..659bb50f0232 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
| @@ -6127,21 +6127,18 @@ security_initcall(selinux_init); | |||
| 6127 | static struct nf_hook_ops selinux_nf_ops[] = { | 6127 | static struct nf_hook_ops selinux_nf_ops[] = { |
| 6128 | { | 6128 | { |
| 6129 | .hook = selinux_ipv4_postroute, | 6129 | .hook = selinux_ipv4_postroute, |
| 6130 | .owner = THIS_MODULE, | ||
| 6131 | .pf = NFPROTO_IPV4, | 6130 | .pf = NFPROTO_IPV4, |
| 6132 | .hooknum = NF_INET_POST_ROUTING, | 6131 | .hooknum = NF_INET_POST_ROUTING, |
| 6133 | .priority = NF_IP_PRI_SELINUX_LAST, | 6132 | .priority = NF_IP_PRI_SELINUX_LAST, |
| 6134 | }, | 6133 | }, |
| 6135 | { | 6134 | { |
| 6136 | .hook = selinux_ipv4_forward, | 6135 | .hook = selinux_ipv4_forward, |
| 6137 | .owner = THIS_MODULE, | ||
| 6138 | .pf = NFPROTO_IPV4, | 6136 | .pf = NFPROTO_IPV4, |
| 6139 | .hooknum = NF_INET_FORWARD, | 6137 | .hooknum = NF_INET_FORWARD, |
| 6140 | .priority = NF_IP_PRI_SELINUX_FIRST, | 6138 | .priority = NF_IP_PRI_SELINUX_FIRST, |
| 6141 | }, | 6139 | }, |
| 6142 | { | 6140 | { |
| 6143 | .hook = selinux_ipv4_output, | 6141 | .hook = selinux_ipv4_output, |
| 6144 | .owner = THIS_MODULE, | ||
| 6145 | .pf = NFPROTO_IPV4, | 6142 | .pf = NFPROTO_IPV4, |
| 6146 | .hooknum = NF_INET_LOCAL_OUT, | 6143 | .hooknum = NF_INET_LOCAL_OUT, |
| 6147 | .priority = NF_IP_PRI_SELINUX_FIRST, | 6144 | .priority = NF_IP_PRI_SELINUX_FIRST, |
| @@ -6149,14 +6146,12 @@ static struct nf_hook_ops selinux_nf_ops[] = { | |||
| 6149 | #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) | 6146 | #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) |
| 6150 | { | 6147 | { |
| 6151 | .hook = selinux_ipv6_postroute, | 6148 | .hook = selinux_ipv6_postroute, |
| 6152 | .owner = THIS_MODULE, | ||
| 6153 | .pf = NFPROTO_IPV6, | 6149 | .pf = NFPROTO_IPV6, |
| 6154 | .hooknum = NF_INET_POST_ROUTING, | 6150 | .hooknum = NF_INET_POST_ROUTING, |
| 6155 | .priority = NF_IP6_PRI_SELINUX_LAST, | 6151 | .priority = NF_IP6_PRI_SELINUX_LAST, |
| 6156 | }, | 6152 | }, |
| 6157 | { | 6153 | { |
| 6158 | .hook = selinux_ipv6_forward, | 6154 | .hook = selinux_ipv6_forward, |
| 6159 | .owner = THIS_MODULE, | ||
| 6160 | .pf = NFPROTO_IPV6, | 6155 | .pf = NFPROTO_IPV6, |
| 6161 | .hooknum = NF_INET_FORWARD, | 6156 | .hooknum = NF_INET_FORWARD, |
| 6162 | .priority = NF_IP6_PRI_SELINUX_FIRST, | 6157 | .priority = NF_IP6_PRI_SELINUX_FIRST, |