diff options
Diffstat (limited to 'security/selinux/netport.c')
| -rw-r--r-- | security/selinux/netport.c | 26 |
1 files changed, 6 insertions, 20 deletions
diff --git a/security/selinux/netport.c b/security/selinux/netport.c index cfe2d72d3fb..7b9eb1faf68 100644 --- a/security/selinux/netport.c +++ b/security/selinux/netport.c | |||
| @@ -5,7 +5,7 @@ | |||
| 5 | * mapping is maintained as part of the normal policy but a fast cache is | 5 | * mapping is maintained as part of the normal policy but a fast cache is |
| 6 | * needed to reduce the lookup overhead. | 6 | * needed to reduce the lookup overhead. |
| 7 | * | 7 | * |
| 8 | * Author: Paul Moore <paul.moore@hp.com> | 8 | * Author: Paul Moore <paul@paul-moore.com> |
| 9 | * | 9 | * |
| 10 | * This code is heavily based on the "netif" concept originally developed by | 10 | * This code is heavily based on the "netif" concept originally developed by |
| 11 | * James Morris <jmorris@redhat.com> | 11 | * James Morris <jmorris@redhat.com> |
| @@ -68,22 +68,6 @@ static DEFINE_SPINLOCK(sel_netport_lock); | |||
| 68 | static struct sel_netport_bkt sel_netport_hash[SEL_NETPORT_HASH_SIZE]; | 68 | static struct sel_netport_bkt sel_netport_hash[SEL_NETPORT_HASH_SIZE]; |
| 69 | 69 | ||
| 70 | /** | 70 | /** |
| 71 | * sel_netport_free - Frees a port entry | ||
| 72 | * @p: the entry's RCU field | ||
| 73 | * | ||
| 74 | * Description: | ||
| 75 | * This function is designed to be used as a callback to the call_rcu() | ||
| 76 | * function so that memory allocated to a hash table port entry can be | ||
| 77 | * released safely. | ||
| 78 | * | ||
| 79 | */ | ||
| 80 | static void sel_netport_free(struct rcu_head *p) | ||
| 81 | { | ||
| 82 | struct sel_netport *port = container_of(p, struct sel_netport, rcu); | ||
| 83 | kfree(port); | ||
| 84 | } | ||
| 85 | |||
| 86 | /** | ||
| 87 | * sel_netport_hashfn - Hashing function for the port table | 71 | * sel_netport_hashfn - Hashing function for the port table |
| 88 | * @pnum: port number | 72 | * @pnum: port number |
| 89 | * | 73 | * |
| @@ -139,10 +123,12 @@ static void sel_netport_insert(struct sel_netport *port) | |||
| 139 | if (sel_netport_hash[idx].size == SEL_NETPORT_HASH_BKT_LIMIT) { | 123 | if (sel_netport_hash[idx].size == SEL_NETPORT_HASH_BKT_LIMIT) { |
| 140 | struct sel_netport *tail; | 124 | struct sel_netport *tail; |
| 141 | tail = list_entry( | 125 | tail = list_entry( |
| 142 | rcu_dereference(sel_netport_hash[idx].list.prev), | 126 | rcu_dereference_protected( |
| 127 | sel_netport_hash[idx].list.prev, | ||
| 128 | lockdep_is_held(&sel_netport_lock)), | ||
| 143 | struct sel_netport, list); | 129 | struct sel_netport, list); |
| 144 | list_del_rcu(&tail->list); | 130 | list_del_rcu(&tail->list); |
| 145 | call_rcu(&tail->rcu, sel_netport_free); | 131 | kfree_rcu(tail, rcu); |
| 146 | } else | 132 | } else |
| 147 | sel_netport_hash[idx].size++; | 133 | sel_netport_hash[idx].size++; |
| 148 | } | 134 | } |
| @@ -241,7 +227,7 @@ static void sel_netport_flush(void) | |||
| 241 | list_for_each_entry_safe(port, port_tmp, | 227 | list_for_each_entry_safe(port, port_tmp, |
| 242 | &sel_netport_hash[idx].list, list) { | 228 | &sel_netport_hash[idx].list, list) { |
| 243 | list_del_rcu(&port->list); | 229 | list_del_rcu(&port->list); |
| 244 | call_rcu(&port->rcu, sel_netport_free); | 230 | kfree_rcu(port, rcu); |
| 245 | } | 231 | } |
| 246 | sel_netport_hash[idx].size = 0; | 232 | sel_netport_hash[idx].size = 0; |
| 247 | } | 233 | } |