Merge commit 'v2.6.39' into 20110526

Conflicts: lib/flex_array.c security/selinux/avc.c security/selinux/hooks.c security/selinux/ss/policydb.c security/smack/smack_lsm.c
author: Eric Paris <eparis@redhat.com> 2011-05-26 17:20:14 -0400
committer: Eric Paris <eparis@redhat.com> 2011-05-26 17:20:14 -0400
commit: ea77f7a2e8561012cf100c530170f12351c3b53e (patch)
tree: 7302ac1064f4e364aadda84020a176804fb86e22 /security/security.c
parent: 7a627e3b9a2bd0f06945bbe64bcf403e788ecf6e (diff)
parent: 61c4f2c81c61f73549928dfd9f3e8f26aa36a8cf (diff)
1 files changed, 15 insertions, 10 deletions
diff --git a/security/security.c b/security/security.c
index 7e34f98bf433..4ba6d4cc061f 100644
--- a/security/security.c
+++ b/security/security.c
@@ -154,29 +154,33 @@ int security_capset(struct cred *new, const struct cred *old,
                                    effective, inheritable, permitted);
 }
-int security_capable(const struct cred *cred, int cap)
+int security_capable(struct user_namespace *ns, const struct cred *cred,
+                     int cap)
 {
-        return security_ops->capable(current, cred, cap, SECURITY_CAP_AUDIT);
+        return security_ops->capable(current, cred, ns, cap,
+                                     SECURITY_CAP_AUDIT);
 }
-int security_real_capable(struct task_struct *tsk, int cap)
+int security_real_capable(struct task_struct *tsk, struct user_namespace *ns,
+                          int cap)
 {
        const struct cred *cred;
        int ret;
        cred = get_task_cred(tsk);
-        ret = security_ops->capable(tsk, cred, cap, SECURITY_CAP_AUDIT);
+        ret = security_ops->capable(tsk, cred, ns, cap, SECURITY_CAP_AUDIT);
        put_cred(cred);
        return ret;
 }
-int security_real_capable_noaudit(struct task_struct *tsk, int cap)
+int security_real_capable_noaudit(struct task_struct *tsk,
+                                  struct user_namespace *ns, int cap)
 {
        const struct cred *cred;
        int ret;
        cred = get_task_cred(tsk);
-        ret = security_ops->capable(tsk, cred, cap, SECURITY_CAP_NOAUDIT);
+        ret = security_ops->capable(tsk, cred, ns, cap, SECURITY_CAP_NOAUDIT);
        put_cred(cred);
        return ret;
 }
@@ -196,7 +200,7 @@ int security_syslog(int type)
        return security_ops->syslog(type);
 }
-int security_settime(struct timespec *ts, struct timezone *tz)
+int security_settime(const struct timespec *ts, const struct timezone *tz)
 {
        return security_ops->settime(ts, tz);
 }
@@ -1103,7 +1107,7 @@ void security_sk_clone(const struct sock *sk, struct sock *newsk)
 void security_sk_classify_flow(struct sock *sk, struct flowi *fl)
 {
-        security_ops->sk_getsecid(sk, &fl->secid);
+        security_ops->sk_getsecid(sk, &fl->flowi_secid);
 }
 EXPORT_SYMBOL(security_sk_classify_flow);
@@ -1236,7 +1240,8 @@ int security_xfrm_policy_lookup(struct xfrm_sec_ctx *ctx, u32 fl_secid, u8 dir)
 }
 int security_xfrm_state_pol_flow_match(struct xfrm_state *x,
-                                       struct xfrm_policy *xp, struct flowi *fl)
+                                       struct xfrm_policy *xp,
+                                       const struct flowi *fl)
 {
        return security_ops->xfrm_state_pol_flow_match(x, xp, fl);
 }
@@ -1248,7 +1253,7 @@ int security_xfrm_decode_session(struct sk_buff *skb, u32 *secid)
 void security_skb_classify_flow(struct sk_buff *skb, struct flowi *fl)
 {
-        int rc = security_ops->xfrm_decode_session(skb, &fl->secid, 0);
+        int rc = security_ops->xfrm_decode_session(skb, &fl->flowi_secid, 0);
        BUG_ON(rc);
 }
author	Eric Paris <eparis@redhat.com>	2011-05-26 17:20:14 -0400
committer	Eric Paris <eparis@redhat.com>	2011-05-26 17:20:14 -0400
commit	ea77f7a2e8561012cf100c530170f12351c3b53e (patch)
tree	7302ac1064f4e364aadda84020a176804fb86e22 /security/security.c
parent	7a627e3b9a2bd0f06945bbe64bcf403e788ecf6e (diff)
parent	61c4f2c81c61f73549928dfd9f3e8f26aa36a8cf (diff)