diff options
author | Paul Moore <paul.moore@hp.com> | 2010-04-22 14:46:18 -0400 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2010-08-02 01:34:38 -0400 |
commit | 84914b7ed1c5e0f3199a5a6997022758a70fcaff (patch) | |
tree | a0ac9631fba19280516ec26819c884e6b086b183 /security/selinux | |
parent | d4f2d97841827cb876da8b607df05a3dab812416 (diff) |
selinux: Shuffle the sk_security_struct alloc and free routines
The sk_alloc_security() and sk_free_security() functions were only being
called by the selinux_sk_alloc_security() and selinux_sk_free_security()
functions so we just move the guts of the alloc/free routines to the
callers and eliminate a layer of indirection.
Signed-off-by: Paul Moore <paul.moore@hp.com>
Acked-by: Eric Paris <eparis@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/selinux')
-rw-r--r-- | security/selinux/hooks.c | 45 |
1 files changed, 17 insertions, 28 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 2d94a406574e..01f52424cfe5 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
@@ -279,32 +279,6 @@ static void superblock_free_security(struct super_block *sb) | |||
279 | kfree(sbsec); | 279 | kfree(sbsec); |
280 | } | 280 | } |
281 | 281 | ||
282 | static int sk_alloc_security(struct sock *sk, int family, gfp_t priority) | ||
283 | { | ||
284 | struct sk_security_struct *sksec; | ||
285 | |||
286 | sksec = kzalloc(sizeof(*sksec), priority); | ||
287 | if (!sksec) | ||
288 | return -ENOMEM; | ||
289 | |||
290 | sksec->peer_sid = SECINITSID_UNLABELED; | ||
291 | sksec->sid = SECINITSID_UNLABELED; | ||
292 | sk->sk_security = sksec; | ||
293 | |||
294 | selinux_netlbl_sk_security_reset(sksec); | ||
295 | |||
296 | return 0; | ||
297 | } | ||
298 | |||
299 | static void sk_free_security(struct sock *sk) | ||
300 | { | ||
301 | struct sk_security_struct *sksec = sk->sk_security; | ||
302 | |||
303 | sk->sk_security = NULL; | ||
304 | selinux_netlbl_sk_security_free(sksec); | ||
305 | kfree(sksec); | ||
306 | } | ||
307 | |||
308 | /* The security server must be initialized before | 282 | /* The security server must be initialized before |
309 | any labeling or access decisions can be provided. */ | 283 | any labeling or access decisions can be provided. */ |
310 | extern int ss_initialized; | 284 | extern int ss_initialized; |
@@ -4224,12 +4198,27 @@ out: | |||
4224 | 4198 | ||
4225 | static int selinux_sk_alloc_security(struct sock *sk, int family, gfp_t priority) | 4199 | static int selinux_sk_alloc_security(struct sock *sk, int family, gfp_t priority) |
4226 | { | 4200 | { |
4227 | return sk_alloc_security(sk, family, priority); | 4201 | struct sk_security_struct *sksec; |
4202 | |||
4203 | sksec = kzalloc(sizeof(*sksec), priority); | ||
4204 | if (!sksec) | ||
4205 | return -ENOMEM; | ||
4206 | |||
4207 | sksec->peer_sid = SECINITSID_UNLABELED; | ||
4208 | sksec->sid = SECINITSID_UNLABELED; | ||
4209 | selinux_netlbl_sk_security_reset(sksec); | ||
4210 | sk->sk_security = sksec; | ||
4211 | |||
4212 | return 0; | ||
4228 | } | 4213 | } |
4229 | 4214 | ||
4230 | static void selinux_sk_free_security(struct sock *sk) | 4215 | static void selinux_sk_free_security(struct sock *sk) |
4231 | { | 4216 | { |
4232 | sk_free_security(sk); | 4217 | struct sk_security_struct *sksec = sk->sk_security; |
4218 | |||
4219 | sk->sk_security = NULL; | ||
4220 | selinux_netlbl_sk_security_free(sksec); | ||
4221 | kfree(sksec); | ||
4233 | } | 4222 | } |
4234 | 4223 | ||
4235 | static void selinux_sk_clone_security(const struct sock *sk, struct sock *newsk) | 4224 | static void selinux_sk_clone_security(const struct sock *sk, struct sock *newsk) |