aboutsummaryrefslogtreecommitdiffstats
path: root/security/dummy.c
diff options
context:
space:
mode:
authorPaul Moore <paul.moore@hp.com>2008-04-12 22:07:52 -0400
committerDavid S. Miller <davem@davemloft.net>2008-04-12 22:07:52 -0400
commit03e1ad7b5d871d4189b1da3125c2f12d1b5f7d0b (patch)
tree1e7f291ac6bd0c1f3a95e8252c32fcce7ff47ea7 /security/dummy.c
parent00447872a643787411c2c0cb1df6169dda8b0c47 (diff)
LSM: Make the Labeled IPsec hooks more stack friendly
The xfrm_get_policy() and xfrm_add_pol_expire() put some rather large structs on the stack to work around the LSM API. This patch attempts to fix that problem by changing the LSM API to require only the relevant "security" pointers instead of the entire SPD entry; we do this for all of the security_xfrm_policy*() functions to keep things consistent. Signed-off-by: Paul Moore <paul.moore@hp.com> Acked-by: James Morris <jmorris@namei.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'security/dummy.c')
-rw-r--r--security/dummy.c14
1 files changed, 8 insertions, 6 deletions
diff --git a/security/dummy.c b/security/dummy.c
index 78d8f92310a4..480366f9c41d 100644
--- a/security/dummy.c
+++ b/security/dummy.c
@@ -876,22 +876,23 @@ static inline void dummy_req_classify_flow(const struct request_sock *req,
876#endif /* CONFIG_SECURITY_NETWORK */ 876#endif /* CONFIG_SECURITY_NETWORK */
877 877
878#ifdef CONFIG_SECURITY_NETWORK_XFRM 878#ifdef CONFIG_SECURITY_NETWORK_XFRM
879static int dummy_xfrm_policy_alloc_security(struct xfrm_policy *xp, 879static int dummy_xfrm_policy_alloc_security(struct xfrm_sec_ctx **ctxp,
880 struct xfrm_user_sec_ctx *sec_ctx) 880 struct xfrm_user_sec_ctx *sec_ctx)
881{ 881{
882 return 0; 882 return 0;
883} 883}
884 884
885static inline int dummy_xfrm_policy_clone_security(struct xfrm_policy *old, struct xfrm_policy *new) 885static inline int dummy_xfrm_policy_clone_security(struct xfrm_sec_ctx *old_ctx,
886 struct xfrm_sec_ctx **new_ctxp)
886{ 887{
887 return 0; 888 return 0;
888} 889}
889 890
890static void dummy_xfrm_policy_free_security(struct xfrm_policy *xp) 891static void dummy_xfrm_policy_free_security(struct xfrm_sec_ctx *ctx)
891{ 892{
892} 893}
893 894
894static int dummy_xfrm_policy_delete_security(struct xfrm_policy *xp) 895static int dummy_xfrm_policy_delete_security(struct xfrm_sec_ctx *ctx)
895{ 896{
896 return 0; 897 return 0;
897} 898}
@@ -911,7 +912,8 @@ static int dummy_xfrm_state_delete_security(struct xfrm_state *x)
911 return 0; 912 return 0;
912} 913}
913 914
914static int dummy_xfrm_policy_lookup(struct xfrm_policy *xp, u32 sk_sid, u8 dir) 915static int dummy_xfrm_policy_lookup(struct xfrm_sec_ctx *ctx,
916 u32 sk_sid, u8 dir)
915{ 917{
916 return 0; 918 return 0;
917} 919}