aboutsummaryrefslogtreecommitdiffstats
path: root/security/selinux/include
diff options
context:
space:
mode:
authorPaul Moore <paul.moore@hp.com>2008-01-29 08:44:18 -0500
committerJames Morris <jmorris@namei.org>2008-01-29 16:17:27 -0500
commit5dbe1eb0cfc144a2b0cb1466e22bcb6fc34229a8 (patch)
treee1e028acaf0dd08cbcacd2c125f60230f820b442 /security/selinux/include
parentd621d35e576aa20a0ddae8022c3810f38357c8ff (diff)
SELinux: Allow NetLabel to directly cache SIDs
Now that the SELinux NetLabel "base SID" is always the netmsg initial SID we can do a big optimization - caching the SID and not just the MLS attributes. This not only saves a lot of per-packet memory allocations and copies but it has a nice side effect of removing a chunk of code. Signed-off-by: Paul Moore <paul.moore@hp.com> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/selinux/include')
-rw-r--r--security/selinux/include/netlabel.h2
-rw-r--r--security/selinux/include/security.h2
2 files changed, 0 insertions, 4 deletions
diff --git a/security/selinux/include/netlabel.h b/security/selinux/include/netlabel.h
index c8c05a6f298c..00a2809c8506 100644
--- a/security/selinux/include/netlabel.h
+++ b/security/selinux/include/netlabel.h
@@ -48,7 +48,6 @@ void selinux_netlbl_sk_security_clone(struct sk_security_struct *ssec,
48 48
49int selinux_netlbl_skbuff_getsid(struct sk_buff *skb, 49int selinux_netlbl_skbuff_getsid(struct sk_buff *skb,
50 u16 family, 50 u16 family,
51 u32 base_sid,
52 u32 *type, 51 u32 *type,
53 u32 *sid); 52 u32 *sid);
54 53
@@ -89,7 +88,6 @@ static inline void selinux_netlbl_sk_security_clone(
89 88
90static inline int selinux_netlbl_skbuff_getsid(struct sk_buff *skb, 89static inline int selinux_netlbl_skbuff_getsid(struct sk_buff *skb,
91 u16 family, 90 u16 family,
92 u32 base_sid,
93 u32 *type, 91 u32 *type,
94 u32 *sid) 92 u32 *sid)
95{ 93{
diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h
index 9347e2daa8d4..23137c17f917 100644
--- a/security/selinux/include/security.h
+++ b/security/selinux/include/security.h
@@ -124,7 +124,6 @@ int security_genfs_sid(const char *fstype, char *name, u16 sclass,
124 124
125#ifdef CONFIG_NETLABEL 125#ifdef CONFIG_NETLABEL
126int security_netlbl_secattr_to_sid(struct netlbl_lsm_secattr *secattr, 126int security_netlbl_secattr_to_sid(struct netlbl_lsm_secattr *secattr,
127 u32 base_sid,
128 u32 *sid); 127 u32 *sid);
129 128
130int security_netlbl_sid_to_secattr(u32 sid, 129int security_netlbl_sid_to_secattr(u32 sid,
@@ -132,7 +131,6 @@ int security_netlbl_sid_to_secattr(u32 sid,
132#else 131#else
133static inline int security_netlbl_secattr_to_sid( 132static inline int security_netlbl_secattr_to_sid(
134 struct netlbl_lsm_secattr *secattr, 133 struct netlbl_lsm_secattr *secattr,
135 u32 base_sid,
136 u32 *sid) 134 u32 *sid)
137{ 135{
138 return -EIDRM; 136 return -EIDRM;