SELinux: Convert the netif code to use ifindex values

The current SELinux netif code requires the caller have a valid net_device
struct pointer to lookup network interface information.  However, we don't
always have a valid net_device pointer so convert the netif code to use
the ifindex values we always have as part of the sk_buff.  This patch also
removes the default message SID from the network interface record, it is
not being used and therefore is "dead code".

Signed-off-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>

1 files changed, 2 insertions, 2 deletions

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 5df12072c8d5..be544332214c 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -3853,7 +3853,7 @@ static int selinux_sock_rcv_skb_compat(struct sock *sk, struct sk_buff *skb,
         if (!skb->dev)
                 goto out;
 
-        err = sel_netif_sids(skb->dev, &if_sid, NULL);
+        err = sel_netif_sid(skb->iif, &if_sid);
         if (err)
                 goto out;
 
@@ -4178,7 +4178,7 @@ static int selinux_ip_postroute_last_compat(struct sock *sk, struct net_device *
 
         isec = inode->i_security;
         
-        err = sel_netif_sids(dev, &if_sid, NULL);
+        err = sel_netif_sid(dev->ifindex, &if_sid);
         if (err)
                 goto out;