diff options
author | Paul Moore <paul.moore@hp.com> | 2008-01-29 08:44:18 -0500 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2008-01-29 16:17:27 -0500 |
commit | 5dbe1eb0cfc144a2b0cb1466e22bcb6fc34229a8 (patch) | |
tree | e1e028acaf0dd08cbcacd2c125f60230f820b442 /security/selinux/hooks.c | |
parent | d621d35e576aa20a0ddae8022c3810f38357c8ff (diff) |
SELinux: Allow NetLabel to directly cache SIDs
Now that the SELinux NetLabel "base SID" is always the netmsg initial SID we
can do a big optimization - caching the SID and not just the MLS attributes.
This not only saves a lot of per-packet memory allocations and copies but it
has a nice side effect of removing a chunk of code.
Signed-off-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/selinux/hooks.c')
-rw-r--r-- | security/selinux/hooks.c | 6 |
1 files changed, 1 insertions, 5 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 6156241c8770..c90e865a8603 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
@@ -3468,11 +3468,7 @@ static int selinux_skb_peerlbl_sid(struct sk_buff *skb, u16 family, u32 *sid) | |||
3468 | u32 nlbl_type; | 3468 | u32 nlbl_type; |
3469 | 3469 | ||
3470 | selinux_skb_xfrm_sid(skb, &xfrm_sid); | 3470 | selinux_skb_xfrm_sid(skb, &xfrm_sid); |
3471 | selinux_netlbl_skbuff_getsid(skb, | 3471 | selinux_netlbl_skbuff_getsid(skb, family, &nlbl_type, &nlbl_sid); |
3472 | family, | ||
3473 | SECINITSID_NETMSG, | ||
3474 | &nlbl_type, | ||
3475 | &nlbl_sid); | ||
3476 | 3472 | ||
3477 | if (security_net_peersid_resolve(nlbl_sid, nlbl_type, | 3473 | if (security_net_peersid_resolve(nlbl_sid, nlbl_type, |
3478 | xfrm_sid, | 3474 | xfrm_sid, |