aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorPaul Moore <paul.moore@hp.com>2008-12-31 12:54:11 -0500
committerPaul Moore <paul.moore@hp.com>2008-12-31 12:54:11 -0500
commit6c2e8ac0953fccdd24dc6c4b9e08e8f1cd68cf07 (patch)
treec52e242ec5e5c2d131af2d9dbb038f78f724a74c /security
parent6a94cb73064c952255336cc57731904174b2c58f (diff)
netlabel: Update kernel configuration API
Update the NetLabel kernel API to expose the new features added in kernel releases 2.6.25 and 2.6.28: the static/fallback label functionality and network address based selectors. Signed-off-by: Paul Moore <paul.moore@hp.com>
Diffstat (limited to 'security')
-rw-r--r--security/smack/smackfs.c21
1 files changed, 16 insertions, 5 deletions
diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c
index 247dc9ebbc71..594e934f1385 100644
--- a/security/smack/smackfs.c
+++ b/security/smack/smackfs.c
@@ -350,7 +350,7 @@ static void smk_cipso_doi(void)
350 audit_info.sessionid = audit_get_sessionid(current); 350 audit_info.sessionid = audit_get_sessionid(current);
351 audit_info.secid = smack_to_secid(current_security()); 351 audit_info.secid = smack_to_secid(current_security());
352 352
353 rc = netlbl_cfg_map_del(NULL, &audit_info); 353 rc = netlbl_cfg_map_del(NULL, PF_UNSPEC, NULL, NULL, &audit_info);
354 if (rc != 0) 354 if (rc != 0)
355 printk(KERN_WARNING "%s:%d remove rc = %d\n", 355 printk(KERN_WARNING "%s:%d remove rc = %d\n",
356 __func__, __LINE__, rc); 356 __func__, __LINE__, rc);
@@ -365,11 +365,20 @@ static void smk_cipso_doi(void)
365 for (rc = 1; rc < CIPSO_V4_TAG_MAXCNT; rc++) 365 for (rc = 1; rc < CIPSO_V4_TAG_MAXCNT; rc++)
366 doip->tags[rc] = CIPSO_V4_TAG_INVALID; 366 doip->tags[rc] = CIPSO_V4_TAG_INVALID;
367 367
368 rc = netlbl_cfg_cipsov4_add_map(doip, NULL, &audit_info); 368 rc = netlbl_cfg_cipsov4_add(doip, &audit_info);
369 if (rc != 0) { 369 if (rc != 0) {
370 printk(KERN_WARNING "%s:%d add rc = %d\n", 370 printk(KERN_WARNING "%s:%d cipso add rc = %d\n",
371 __func__, __LINE__, rc);
372 kfree(doip);
373 return;
374 }
375 rc = netlbl_cfg_cipsov4_map_add(doip->doi,
376 NULL, NULL, NULL, &audit_info);
377 if (rc != 0) {
378 printk(KERN_WARNING "%s:%d map add rc = %d\n",
371 __func__, __LINE__, rc); 379 __func__, __LINE__, rc);
372 kfree(doip); 380 kfree(doip);
381 return;
373 } 382 }
374} 383}
375 384
@@ -386,13 +395,15 @@ static void smk_unlbl_ambient(char *oldambient)
386 audit_info.secid = smack_to_secid(current_security()); 395 audit_info.secid = smack_to_secid(current_security());
387 396
388 if (oldambient != NULL) { 397 if (oldambient != NULL) {
389 rc = netlbl_cfg_map_del(oldambient, &audit_info); 398 rc = netlbl_cfg_map_del(oldambient,
399 PF_UNSPEC, NULL, NULL, &audit_info);
390 if (rc != 0) 400 if (rc != 0)
391 printk(KERN_WARNING "%s:%d remove rc = %d\n", 401 printk(KERN_WARNING "%s:%d remove rc = %d\n",
392 __func__, __LINE__, rc); 402 __func__, __LINE__, rc);
393 } 403 }
394 404
395 rc = netlbl_cfg_unlbl_add_map(smack_net_ambient, &audit_info); 405 rc = netlbl_cfg_unlbl_map_add(smack_net_ambient,
406 PF_INET, NULL, NULL, &audit_info);
396 if (rc != 0) 407 if (rc != 0)
397 printk(KERN_WARNING "%s:%d add rc = %d\n", 408 printk(KERN_WARNING "%s:%d add rc = %d\n",
398 __func__, __LINE__, rc); 409 __func__, __LINE__, rc);