diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2008-12-28 15:49:40 -0500 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2008-12-28 15:49:40 -0500 |
commit | 0191b625ca5a46206d2fb862bb08f36f2fcb3b31 (patch) | |
tree | 454d1842b1833d976da62abcbd5c47521ebe9bd7 /security/selinux | |
parent | 54a696bd07c14d3b1192d03ce7269bc59b45209a (diff) | |
parent | eb56092fc168bf5af199d47af50c0d84a96db898 (diff) |
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6: (1429 commits)
net: Allow dependancies of FDDI & Tokenring to be modular.
igb: Fix build warning when DCA is disabled.
net: Fix warning fallout from recent NAPI interface changes.
gro: Fix potential use after free
sfc: If AN is enabled, always read speed/duplex from the AN advertising bits
sfc: When disabling the NIC, close the device rather than unregistering it
sfc: SFT9001: Add cable diagnostics
sfc: Add support for multiple PHY self-tests
sfc: Merge top-level functions for self-tests
sfc: Clean up PHY mode management in loopback self-test
sfc: Fix unreliable link detection in some loopback modes
sfc: Generate unique names for per-NIC workqueues
802.3ad: use standard ethhdr instead of ad_header
802.3ad: generalize out mac address initializer
802.3ad: initialize ports LACPDU from const initializer
802.3ad: remove typedef around ad_system
802.3ad: turn ports is_individual into a bool
802.3ad: turn ports is_enabled into a bool
802.3ad: make ntt bool
ixgbe: Fix set_ringparam in ixgbe to use the same memory pools.
...
Fixed trivial IPv4/6 address printing conflicts in fs/cifs/connect.c due
to the conversion to %pI (in this networking merge) and the addition of
doing IPv6 addresses (from the earlier merge of CIFS).
Diffstat (limited to 'security/selinux')
-rw-r--r-- | security/selinux/avc.c | 4 | ||||
-rw-r--r-- | security/selinux/hooks.c | 4 |
2 files changed, 4 insertions, 4 deletions
diff --git a/security/selinux/avc.c b/security/selinux/avc.c index cb30c7e350b3..d43bd6baeeaa 100644 --- a/security/selinux/avc.c +++ b/security/selinux/avc.c | |||
@@ -495,7 +495,7 @@ static inline void avc_print_ipv6_addr(struct audit_buffer *ab, | |||
495 | char *name1, char *name2) | 495 | char *name1, char *name2) |
496 | { | 496 | { |
497 | if (!ipv6_addr_any(addr)) | 497 | if (!ipv6_addr_any(addr)) |
498 | audit_log_format(ab, " %s=" NIP6_FMT, name1, NIP6(*addr)); | 498 | audit_log_format(ab, " %s=%pI6", name1, addr); |
499 | if (port) | 499 | if (port) |
500 | audit_log_format(ab, " %s=%d", name2, ntohs(port)); | 500 | audit_log_format(ab, " %s=%d", name2, ntohs(port)); |
501 | } | 501 | } |
@@ -504,7 +504,7 @@ static inline void avc_print_ipv4_addr(struct audit_buffer *ab, __be32 addr, | |||
504 | __be16 port, char *name1, char *name2) | 504 | __be16 port, char *name1, char *name2) |
505 | { | 505 | { |
506 | if (addr) | 506 | if (addr) |
507 | audit_log_format(ab, " %s=" NIPQUAD_FMT, name1, NIPQUAD(addr)); | 507 | audit_log_format(ab, " %s=%pI4", name1, &addr); |
508 | if (port) | 508 | if (port) |
509 | audit_log_format(ab, " %s=%d", name2, ntohs(port)); | 509 | audit_log_format(ab, " %s=%d", name2, ntohs(port)); |
510 | } | 510 | } |
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 853b58c8b2cb..dbeaa783b2a9 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
@@ -4735,7 +4735,7 @@ static unsigned int selinux_ip_postroute(struct sk_buff *skb, int ifindex, | |||
4735 | * as fast and as clean as possible. */ | 4735 | * as fast and as clean as possible. */ |
4736 | if (selinux_compat_net || !selinux_policycap_netpeer) | 4736 | if (selinux_compat_net || !selinux_policycap_netpeer) |
4737 | return selinux_ip_postroute_compat(skb, ifindex, family); | 4737 | return selinux_ip_postroute_compat(skb, ifindex, family); |
4738 | 4738 | #ifdef CONFIG_XFRM | |
4739 | /* If skb->dst->xfrm is non-NULL then the packet is undergoing an IPsec | 4739 | /* If skb->dst->xfrm is non-NULL then the packet is undergoing an IPsec |
4740 | * packet transformation so allow the packet to pass without any checks | 4740 | * packet transformation so allow the packet to pass without any checks |
4741 | * since we'll have another chance to perform access control checks | 4741 | * since we'll have another chance to perform access control checks |
@@ -4744,7 +4744,7 @@ static unsigned int selinux_ip_postroute(struct sk_buff *skb, int ifindex, | |||
4744 | * is NULL, in this case go ahead and apply access control. */ | 4744 | * is NULL, in this case go ahead and apply access control. */ |
4745 | if (skb->dst != NULL && skb->dst->xfrm != NULL) | 4745 | if (skb->dst != NULL && skb->dst->xfrm != NULL) |
4746 | return NF_ACCEPT; | 4746 | return NF_ACCEPT; |
4747 | 4747 | #endif | |
4748 | secmark_active = selinux_secmark_enabled(); | 4748 | secmark_active = selinux_secmark_enabled(); |
4749 | peerlbl_active = netlbl_enabled() || selinux_xfrm_enabled(); | 4749 | peerlbl_active = netlbl_enabled() || selinux_xfrm_enabled(); |
4750 | if (!secmark_active && !peerlbl_active) | 4750 | if (!secmark_active && !peerlbl_active) |