diff options
author | Paul Moore <paul.moore@hp.com> | 2006-11-17 17:38:47 -0500 |
---|---|---|
committer | David S. Miller <davem@sunset.davemloft.net> | 2006-12-03 00:24:08 -0500 |
commit | 05e00cbf5036929355020dab4837b637203a0742 (patch) | |
tree | 642cd1852808fbd89a2c666e39f23b7f48f2c4c0 /net | |
parent | 701a90bad99b8081a824cca52c178c8fc8f46bb2 (diff) |
NetLabel: check for a CIPSOv4 option before we do call into the CIPSOv4 layer
Right now the NetLabel code always jumps into the CIPSOv4 layer to determine if
a CIPSO IP option is present. However, we can do this check directly in the
NetLabel code by making use of the CIPSO_V4_OPTEXIST() macro which should save
us a function call in the common case of not having a CIPSOv4 option present.
Signed-off-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'net')
-rw-r--r-- | net/ipv4/cipso_ipv4.c | 2 | ||||
-rw-r--r-- | net/netlabel/netlabel_kapi.c | 6 |
2 files changed, 2 insertions, 6 deletions
diff --git a/net/ipv4/cipso_ipv4.c b/net/ipv4/cipso_ipv4.c index f0a0785047f..fb5d913f581 100644 --- a/net/ipv4/cipso_ipv4.c +++ b/net/ipv4/cipso_ipv4.c | |||
@@ -1435,8 +1435,6 @@ int cipso_v4_skbuff_getattr(const struct sk_buff *skb, | |||
1435 | u32 doi; | 1435 | u32 doi; |
1436 | struct cipso_v4_doi *doi_def; | 1436 | struct cipso_v4_doi *doi_def; |
1437 | 1437 | ||
1438 | if (!CIPSO_V4_OPTEXIST(skb)) | ||
1439 | return -ENOMSG; | ||
1440 | cipso_ptr = CIPSO_V4_OPTPTR(skb); | 1438 | cipso_ptr = CIPSO_V4_OPTPTR(skb); |
1441 | if (cipso_v4_cache_check(cipso_ptr, cipso_ptr[1], secattr) == 0) | 1439 | if (cipso_v4_cache_check(cipso_ptr, cipso_ptr[1], secattr) == 0) |
1442 | return 0; | 1440 | return 0; |
diff --git a/net/netlabel/netlabel_kapi.c b/net/netlabel/netlabel_kapi.c index da2f1975a04..b35ebf94918 100644 --- a/net/netlabel/netlabel_kapi.c +++ b/net/netlabel/netlabel_kapi.c | |||
@@ -149,10 +149,8 @@ int netlbl_socket_getattr(const struct socket *sock, | |||
149 | int netlbl_skbuff_getattr(const struct sk_buff *skb, | 149 | int netlbl_skbuff_getattr(const struct sk_buff *skb, |
150 | struct netlbl_lsm_secattr *secattr) | 150 | struct netlbl_lsm_secattr *secattr) |
151 | { | 151 | { |
152 | int ret_val; | 152 | if (CIPSO_V4_OPTEXIST(skb) && |
153 | 153 | cipso_v4_skbuff_getattr(skb, secattr) == 0) | |
154 | ret_val = cipso_v4_skbuff_getattr(skb, secattr); | ||
155 | if (ret_val == 0) | ||
156 | return 0; | 154 | return 0; |
157 | 155 | ||
158 | return netlbl_unlabel_getattr(secattr); | 156 | return netlbl_unlabel_getattr(secattr); |