diff options
author | Paul Moore <paul.moore@hp.com> | 2008-12-31 12:54:11 -0500 |
---|---|---|
committer | Paul Moore <paul.moore@hp.com> | 2008-12-31 12:54:11 -0500 |
commit | 6c2e8ac0953fccdd24dc6c4b9e08e8f1cd68cf07 (patch) | |
tree | c52e242ec5e5c2d131af2d9dbb038f78f724a74c /security/smack/smackfs.c | |
parent | 6a94cb73064c952255336cc57731904174b2c58f (diff) |
netlabel: Update kernel configuration API
Update the NetLabel kernel API to expose the new features added in kernel
releases 2.6.25 and 2.6.28: the static/fallback label functionality and network
address based selectors.
Signed-off-by: Paul Moore <paul.moore@hp.com>
Diffstat (limited to 'security/smack/smackfs.c')
-rw-r--r-- | security/smack/smackfs.c | 21 |
1 files changed, 16 insertions, 5 deletions
diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c index 247dc9ebbc71..594e934f1385 100644 --- a/security/smack/smackfs.c +++ b/security/smack/smackfs.c | |||
@@ -350,7 +350,7 @@ static void smk_cipso_doi(void) | |||
350 | audit_info.sessionid = audit_get_sessionid(current); | 350 | audit_info.sessionid = audit_get_sessionid(current); |
351 | audit_info.secid = smack_to_secid(current_security()); | 351 | audit_info.secid = smack_to_secid(current_security()); |
352 | 352 | ||
353 | rc = netlbl_cfg_map_del(NULL, &audit_info); | 353 | rc = netlbl_cfg_map_del(NULL, PF_UNSPEC, NULL, NULL, &audit_info); |
354 | if (rc != 0) | 354 | if (rc != 0) |
355 | printk(KERN_WARNING "%s:%d remove rc = %d\n", | 355 | printk(KERN_WARNING "%s:%d remove rc = %d\n", |
356 | __func__, __LINE__, rc); | 356 | __func__, __LINE__, rc); |
@@ -365,11 +365,20 @@ static void smk_cipso_doi(void) | |||
365 | for (rc = 1; rc < CIPSO_V4_TAG_MAXCNT; rc++) | 365 | for (rc = 1; rc < CIPSO_V4_TAG_MAXCNT; rc++) |
366 | doip->tags[rc] = CIPSO_V4_TAG_INVALID; | 366 | doip->tags[rc] = CIPSO_V4_TAG_INVALID; |
367 | 367 | ||
368 | rc = netlbl_cfg_cipsov4_add_map(doip, NULL, &audit_info); | 368 | rc = netlbl_cfg_cipsov4_add(doip, &audit_info); |
369 | if (rc != 0) { | 369 | if (rc != 0) { |
370 | printk(KERN_WARNING "%s:%d add rc = %d\n", | 370 | printk(KERN_WARNING "%s:%d cipso add rc = %d\n", |
371 | __func__, __LINE__, rc); | ||
372 | kfree(doip); | ||
373 | return; | ||
374 | } | ||
375 | rc = netlbl_cfg_cipsov4_map_add(doip->doi, | ||
376 | NULL, NULL, NULL, &audit_info); | ||
377 | if (rc != 0) { | ||
378 | printk(KERN_WARNING "%s:%d map add rc = %d\n", | ||
371 | __func__, __LINE__, rc); | 379 | __func__, __LINE__, rc); |
372 | kfree(doip); | 380 | kfree(doip); |
381 | return; | ||
373 | } | 382 | } |
374 | } | 383 | } |
375 | 384 | ||
@@ -386,13 +395,15 @@ static void smk_unlbl_ambient(char *oldambient) | |||
386 | audit_info.secid = smack_to_secid(current_security()); | 395 | audit_info.secid = smack_to_secid(current_security()); |
387 | 396 | ||
388 | if (oldambient != NULL) { | 397 | if (oldambient != NULL) { |
389 | rc = netlbl_cfg_map_del(oldambient, &audit_info); | 398 | rc = netlbl_cfg_map_del(oldambient, |
399 | PF_UNSPEC, NULL, NULL, &audit_info); | ||
390 | if (rc != 0) | 400 | if (rc != 0) |
391 | printk(KERN_WARNING "%s:%d remove rc = %d\n", | 401 | printk(KERN_WARNING "%s:%d remove rc = %d\n", |
392 | __func__, __LINE__, rc); | 402 | __func__, __LINE__, rc); |
393 | } | 403 | } |
394 | 404 | ||
395 | rc = netlbl_cfg_unlbl_add_map(smack_net_ambient, &audit_info); | 405 | rc = netlbl_cfg_unlbl_map_add(smack_net_ambient, |
406 | PF_INET, NULL, NULL, &audit_info); | ||
396 | if (rc != 0) | 407 | if (rc != 0) |
397 | printk(KERN_WARNING "%s:%d add rc = %d\n", | 408 | printk(KERN_WARNING "%s:%d add rc = %d\n", |
398 | __func__, __LINE__, rc); | 409 | __func__, __LINE__, rc); |