SELinux: Correct the NetLabel locking for the sk_security_struct

The RCU/spinlock locking approach for the nlbl_state in the sk_security_struct was almost certainly overkill. This patch removes both the RCU and spinlock locking, relying on the existing socket locks to handle the case of multiple writers. This change also makes several code reductions possible. Less locking, less code - it's a Good Thing. Signed-off-by: Paul Moore <paul.moore@hp.com> Signed-off-by: James Morris <jmorris@namei.org>
author: Paul Moore <paul.moore@hp.com> 2008-02-25 11:40:33 -0500
committer: James Morris <jmorris@namei.org> 2008-04-18 06:26:03 -0400
commit: f74af6e816c940c678c235d49486fe40d7e49ce9 (patch)
tree: 06f2fa54bd7ceabac2ad29a6ab0aca1deb87c032 /security/selinux/hooks.c
parent: 4b119e21d0c66c22e8ca03df05d9de623d0eb50f (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index d39b59cf8a08..d51bd40a04a8 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -280,7 +280,7 @@ static int sk_alloc_security(struct sock *sk, int family, gfp_t priority)
        ssec->sid = SECINITSID_UNLABELED;
        sk->sk_security = ssec;
-        selinux_netlbl_sk_security_init(ssec, family);
+        selinux_netlbl_sk_security_reset(ssec, family);
        return 0;
 }
@@ -4139,7 +4139,7 @@ static void selinux_sk_clone_security(const struct sock *sk, struct sock *newsk)
        newssec->peer_sid = ssec->peer_sid;
        newssec->sclass = ssec->sclass;
-        selinux_netlbl_sk_security_clone(ssec, newssec);
+        selinux_netlbl_sk_security_reset(newssec, newsk->sk_family);
 }
 static void selinux_sk_getsecid(struct sock *sk, u32 *secid)
author	Paul Moore <paul.moore@hp.com>	2008-02-25 11:40:33 -0500
committer	James Morris <jmorris@namei.org>	2008-04-18 06:26:03 -0400
commit	f74af6e816c940c678c235d49486fe40d7e49ce9 (patch)
tree	06f2fa54bd7ceabac2ad29a6ab0aca1deb87c032 /security/selinux/hooks.c
parent	4b119e21d0c66c22e8ca03df05d9de623d0eb50f (diff)

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index d39b59cf8a08..d51bd40a04a8 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c
@@ -280,7 +280,7 @@ static int sk_alloc_security(struct sock *sk, int family, gfp_t priority)
280	ssec->sid = SECINITSID_UNLABELED;	280	ssec->sid = SECINITSID_UNLABELED;
281	sk->sk_security = ssec;	281	sk->sk_security = ssec;
282		282
283	selinux_netlbl_sk_security_init(ssec, family);	283	selinux_netlbl_sk_security_reset(ssec, family);
284		284
285	return 0;	285	return 0;
286	}	286	}
@@ -4139,7 +4139,7 @@ static void selinux_sk_clone_security(const struct sock sk, struct sock newsk)
4139	newssec->peer_sid = ssec->peer_sid;	4139	newssec->peer_sid = ssec->peer_sid;
4140	newssec->sclass = ssec->sclass;	4140	newssec->sclass = ssec->sclass;
4141		4141
4142	selinux_netlbl_sk_security_clone(ssec, newssec);	4142	selinux_netlbl_sk_security_reset(newssec, newsk->sk_family);
4143	}	4143	}
4144		4144
4145	static void selinux_sk_getsecid(struct sock sk, u32 secid)	4145	static void selinux_sk_getsecid(struct sock sk, u32 secid)