diff options
| author | Paul Moore <paul.moore@hp.com> | 2008-12-31 12:54:11 -0500 |
|---|---|---|
| committer | Paul Moore <paul.moore@hp.com> | 2008-12-31 12:54:11 -0500 |
| commit | 6c2e8ac0953fccdd24dc6c4b9e08e8f1cd68cf07 (patch) | |
| tree | c52e242ec5e5c2d131af2d9dbb038f78f724a74c /security/smack | |
| parent | 6a94cb73064c952255336cc57731904174b2c58f (diff) | |
netlabel: Update kernel configuration API
Update the NetLabel kernel API to expose the new features added in kernel
releases 2.6.25 and 2.6.28: the static/fallback label functionality and network
address based selectors.
Signed-off-by: Paul Moore <paul.moore@hp.com>
Diffstat (limited to 'security/smack')
| -rw-r--r-- | security/smack/smackfs.c | 21 |
1 files changed, 16 insertions, 5 deletions
diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c index 247dc9ebbc71..594e934f1385 100644 --- a/security/smack/smackfs.c +++ b/security/smack/smackfs.c | |||
| @@ -350,7 +350,7 @@ static void smk_cipso_doi(void) | |||
| 350 | audit_info.sessionid = audit_get_sessionid(current); | 350 | audit_info.sessionid = audit_get_sessionid(current); |
| 351 | audit_info.secid = smack_to_secid(current_security()); | 351 | audit_info.secid = smack_to_secid(current_security()); |
| 352 | 352 | ||
| 353 | rc = netlbl_cfg_map_del(NULL, &audit_info); | 353 | rc = netlbl_cfg_map_del(NULL, PF_UNSPEC, NULL, NULL, &audit_info); |
| 354 | if (rc != 0) | 354 | if (rc != 0) |
| 355 | printk(KERN_WARNING "%s:%d remove rc = %d\n", | 355 | printk(KERN_WARNING "%s:%d remove rc = %d\n", |
| 356 | __func__, __LINE__, rc); | 356 | __func__, __LINE__, rc); |
| @@ -365,11 +365,20 @@ static void smk_cipso_doi(void) | |||
| 365 | for (rc = 1; rc < CIPSO_V4_TAG_MAXCNT; rc++) | 365 | for (rc = 1; rc < CIPSO_V4_TAG_MAXCNT; rc++) |
| 366 | doip->tags[rc] = CIPSO_V4_TAG_INVALID; | 366 | doip->tags[rc] = CIPSO_V4_TAG_INVALID; |
| 367 | 367 | ||
| 368 | rc = netlbl_cfg_cipsov4_add_map(doip, NULL, &audit_info); | 368 | rc = netlbl_cfg_cipsov4_add(doip, &audit_info); |
| 369 | if (rc != 0) { | 369 | if (rc != 0) { |
| 370 | printk(KERN_WARNING "%s:%d add rc = %d\n", | 370 | printk(KERN_WARNING "%s:%d cipso add rc = %d\n", |
| 371 | __func__, __LINE__, rc); | ||
| 372 | kfree(doip); | ||
| 373 | return; | ||
| 374 | } | ||
| 375 | rc = netlbl_cfg_cipsov4_map_add(doip->doi, | ||
| 376 | NULL, NULL, NULL, &audit_info); | ||
| 377 | if (rc != 0) { | ||
| 378 | printk(KERN_WARNING "%s:%d map add rc = %d\n", | ||
| 371 | __func__, __LINE__, rc); | 379 | __func__, __LINE__, rc); |
| 372 | kfree(doip); | 380 | kfree(doip); |
| 381 | return; | ||
| 373 | } | 382 | } |
| 374 | } | 383 | } |
| 375 | 384 | ||
| @@ -386,13 +395,15 @@ static void smk_unlbl_ambient(char *oldambient) | |||
| 386 | audit_info.secid = smack_to_secid(current_security()); | 395 | audit_info.secid = smack_to_secid(current_security()); |
| 387 | 396 | ||
| 388 | if (oldambient != NULL) { | 397 | if (oldambient != NULL) { |
| 389 | rc = netlbl_cfg_map_del(oldambient, &audit_info); | 398 | rc = netlbl_cfg_map_del(oldambient, |
| 399 | PF_UNSPEC, NULL, NULL, &audit_info); | ||
| 390 | if (rc != 0) | 400 | if (rc != 0) |
| 391 | printk(KERN_WARNING "%s:%d remove rc = %d\n", | 401 | printk(KERN_WARNING "%s:%d remove rc = %d\n", |
| 392 | __func__, __LINE__, rc); | 402 | __func__, __LINE__, rc); |
| 393 | } | 403 | } |
| 394 | 404 | ||
| 395 | rc = netlbl_cfg_unlbl_add_map(smack_net_ambient, &audit_info); | 405 | rc = netlbl_cfg_unlbl_map_add(smack_net_ambient, |
| 406 | PF_INET, NULL, NULL, &audit_info); | ||
| 396 | if (rc != 0) | 407 | if (rc != 0) |
| 397 | printk(KERN_WARNING "%s:%d add rc = %d\n", | 408 | printk(KERN_WARNING "%s:%d add rc = %d\n", |
| 398 | __func__, __LINE__, rc); | 409 | __func__, __LINE__, rc); |