Merge branch 'master'; commit 'v2.6.39-rc3' into next

author: James Morris <jmorris@namei.org> 2011-04-19 07:32:41 -0400
committer: James Morris <jmorris@namei.org> 2011-04-19 07:32:41 -0400
commit: d4ab4e6a23f805abb8fc3cc34525eec3788aeca1 (patch)
tree: eefd82c155bc27469a85667d759cd90facf4a6e3 /security
parent: c0fa797ae6cd02ff87c0bfe0d509368a3b45640e (diff)
parent: 96fd2d57b8252e16dfacf8941f7a74a6119197f5 (diff)
8 files changed, 13 insertions, 13 deletions
diff --git a/security/apparmor/match.c b/security/apparmor/match.c
index 5cb4dc1f6992..06d764ccbbe5 100644
--- a/security/apparmor/match.c
+++ b/security/apparmor/match.c
@@ -195,7 +195,7 @@ void aa_dfa_free_kref(struct kref *kref)
 *
 * Unpack a dfa that has been serialized.  To find information on the dfa
 * format look in Documentation/apparmor.txt
- * Assumes the dfa @blob stream has been aligned on a 8 byte boundry
+ * Assumes the dfa @blob stream has been aligned on a 8 byte boundary
 *
 * Returns: an unpacked dfa ready for matching or ERR_PTR on failure
 */
diff --git a/security/apparmor/policy_unpack.c b/security/apparmor/policy_unpack.c
index eb3700e9fd37..e33aaf7e5744 100644
--- a/security/apparmor/policy_unpack.c
+++ b/security/apparmor/policy_unpack.c
@@ -359,7 +359,7 @@ fail:
 * @e: serialized data extent information  (NOT NULL)
 * @profile: profile to add the accept table to (NOT NULL)
 *
- * Returns: 1 if table succesfully unpacked
+ * Returns: 1 if table successfully unpacked
 */
 static bool unpack_trans_table(struct aa_ext *e, struct aa_profile *profile)
 {
diff --git a/security/selinux/netlabel.c b/security/selinux/netlabel.c
index 1c2fc46544bf..c3bf3ed07b06 100644
--- a/security/selinux/netlabel.c
+++ b/security/selinux/netlabel.c
@@ -151,7 +151,7 @@ void selinux_netlbl_sk_security_free(struct sk_security_struct *sksec)
 *
 * Description:
 * Called when the NetLabel state of a sk_security_struct needs to be reset.
- * The caller is responsibile for all the NetLabel sk_security_struct locking.
+ * The caller is responsible for all the NetLabel sk_security_struct locking.
 *
 */
 void selinux_netlbl_sk_security_reset(struct sk_security_struct *sksec)
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index ea7c01f4a2bf..6ef4af47dac4 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -2806,7 +2806,7 @@ int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **vrule)
        case AUDIT_SUBJ_CLR:
        case AUDIT_OBJ_LEV_LOW:
        case AUDIT_OBJ_LEV_HIGH:
-                /* we do not allow a range, indicated by the presense of '-' */
+                /* we do not allow a range, indicated by the presence of '-' */
                if (strchr(rulestr, '-'))
                        return -EINVAL;
                break;
@@ -3075,7 +3075,7 @@ static void security_netlbl_cache_add(struct netlbl_lsm_secattr *secattr,
 * Description:
 * Convert the given NetLabel security attributes in @secattr into a
 * SELinux SID.  If the @secattr field does not contain a full SELinux
- * SID/context then use SECINITSID_NETMSG as the foundation.  If possibile the
+ * SID/context then use SECINITSID_NETMSG as the foundation.  If possible the
 * 'cache' field of @secattr is set and the CACHE flag is set; this is to
 * allow the @secattr to be used by NetLabel to cache the secattr to SID
 * conversion for future lookups.  Returns zero on success, negative values on
diff --git a/security/smack/smack_access.c b/security/smack/smack_access.c
index 86453db4333d..9637e107f7ea 100644
--- a/security/smack/smack_access.c
+++ b/security/smack/smack_access.c
@@ -431,7 +431,7 @@ char *smk_import(const char *string, int len)
 * smack_from_secid - find the Smack label associated with a secid
 * @secid: an integer that might be associated with a Smack label
 *
- * Returns a pointer to the appropraite Smack label if there is one,
+ * Returns a pointer to the appropriate Smack label if there is one,
 * otherwise a pointer to the invalid Smack label.
 */
 char *smack_from_secid(const u32 secid)
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 23c7a6d0c80c..c6f8fcadae07 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -1794,7 +1794,7 @@ static void smack_set_catset(char *catset, struct netlbl_lsm_secattr *sap)
 * Casey says that CIPSO is good enough for now.
 * It can be used to effect.
 * It can also be abused to effect when necessary.
- * Appologies to the TSIG group in general and GW in particular.
+ * Apologies to the TSIG group in general and GW in particular.
 */
 static void smack_to_secattr(char *smack, struct netlbl_lsm_secattr *nlsp)
 {
@@ -2530,7 +2530,7 @@ static void smack_d_instantiate(struct dentry *opt_dentry, struct inode *inode)
        switch (sbp->s_magic) {
        case SMACK_MAGIC:
                /*
-                 * Casey says that it's a little embarassing
+                 * Casey says that it's a little embarrassing
                 * that the smack file system doesn't do
                 * extended attributes.
                 */
@@ -3084,7 +3084,7 @@ static int smack_inet_conn_request(struct sock *sk, struct sk_buff *skb,
        /*
         * We need to decide if we want to label the incoming connection here
         * if we do we only need to label the request_sock and the stack will
-         * propogate the wire-label to the sock when it is created.
+         * propagate the wire-label to the sock when it is created.
         */
        hdr = ip_hdr(skb);
        addr.sin_addr.s_addr = hdr->saddr;
diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c
index 90d1bbaaa6f3..f93460156dce 100644
--- a/security/smack/smackfs.c
+++ b/security/smack/smackfs.c
@@ -208,7 +208,7 @@ static ssize_t smk_write_load_list(struct file *file, const char __user *buf,
        if (*ppos != 0)
                return -EINVAL;
        /*
-         * Minor hack for backward compatability
+         * Minor hack for backward compatibility
         */
        if (count < (SMK_OLOADLEN) || count > SMK_LOADLEN)
                return -EINVAL;
@@ -223,7 +223,7 @@ static ssize_t smk_write_load_list(struct file *file, const char __user *buf,
        }
        /*
-         * More on the minor hack for backward compatability
+         * More on the minor hack for backward compatibility
         */
        if (count == (SMK_OLOADLEN))
                data[SMK_OLOADLEN] = '-';
@@ -927,7 +927,7 @@ static ssize_t smk_write_netlbladdr(struct file *file, const char __user *buf,
                }
        } else {
                /* we delete the unlabeled entry, only if the previous label
-                 * wasnt the special CIPSO option */
+                 * wasn't the special CIPSO option */
                if (skp->smk_label != smack_cipso_option)
                        rc = netlbl_cfg_unlbl_static_del(&init_net, NULL,
                                        &skp->smk_host.sin_addr, &skp->smk_mask,
diff --git a/security/tomoyo/load_policy.c b/security/tomoyo/load_policy.c
index bbada7ca1b91..3312e5624f24 100644
--- a/security/tomoyo/load_policy.c
+++ b/security/tomoyo/load_policy.c
@@ -23,7 +23,7 @@ static bool tomoyo_policy_loader_exists(void)
         * If the initrd includes /sbin/init but real-root-dev has not
         * mounted on / yet, activating MAC will block the system since
         * policies are not loaded yet.
-         * Thus, let do_execve() call this function everytime.
+         * Thus, let do_execve() call this function every time.
         */
        struct path path;
author	James Morris <jmorris@namei.org>	2011-04-19 07:32:41 -0400
committer	James Morris <jmorris@namei.org>	2011-04-19 07:32:41 -0400
commit	d4ab4e6a23f805abb8fc3cc34525eec3788aeca1 (patch)
tree	eefd82c155bc27469a85667d759cd90facf4a6e3 /security
parent	c0fa797ae6cd02ff87c0bfe0d509368a3b45640e (diff)
parent	96fd2d57b8252e16dfacf8941f7a74a6119197f5 (diff)

diff --git a/security/apparmor/match.c b/security/apparmor/match.c index 5cb4dc1f6992..06d764ccbbe5 100644 --- a/security/apparmor/match.c +++ b/security/apparmor/match.c
@@ -195,7 +195,7 @@ void aa_dfa_free_kref(struct kref *kref)
195	*	195	*
196	* Unpack a dfa that has been serialized. To find information on the dfa	196	* Unpack a dfa that has been serialized. To find information on the dfa
197	* format look in Documentation/apparmor.txt	197	* format look in Documentation/apparmor.txt
198	* Assumes the dfa @blob stream has been aligned on a 8 byte boundry	198	* Assumes the dfa @blob stream has been aligned on a 8 byte boundary
199	*	199	*
200	* Returns: an unpacked dfa ready for matching or ERR_PTR on failure	200	* Returns: an unpacked dfa ready for matching or ERR_PTR on failure
201	*/	201	*/


diff --git a/security/apparmor/policy_unpack.c b/security/apparmor/policy_unpack.c index eb3700e9fd37..e33aaf7e5744 100644 --- a/security/apparmor/policy_unpack.c +++ b/security/apparmor/policy_unpack.c
@@ -359,7 +359,7 @@ fail:
359	* @e: serialized data extent information (NOT NULL)	359	* @e: serialized data extent information (NOT NULL)
360	* @profile: profile to add the accept table to (NOT NULL)	360	* @profile: profile to add the accept table to (NOT NULL)
361	*	361	*
362	* Returns: 1 if table succesfully unpacked	362	* Returns: 1 if table successfully unpacked
363	*/	363	*/
364	static bool unpack_trans_table(struct aa_ext e, struct aa_profile profile)	364	static bool unpack_trans_table(struct aa_ext e, struct aa_profile profile)
365	{	365	{


diff --git a/security/selinux/netlabel.c b/security/selinux/netlabel.c index 1c2fc46544bf..c3bf3ed07b06 100644 --- a/security/selinux/netlabel.c +++ b/security/selinux/netlabel.c
@@ -151,7 +151,7 @@ void selinux_netlbl_sk_security_free(struct sk_security_struct *sksec)
151	*	151	*
152	* Description:	152	* Description:
153	* Called when the NetLabel state of a sk_security_struct needs to be reset.	153	* Called when the NetLabel state of a sk_security_struct needs to be reset.
154	* The caller is responsibile for all the NetLabel sk_security_struct locking.	154	* The caller is responsible for all the NetLabel sk_security_struct locking.
155	*	155	*
156	*/	156	*/
157	void selinux_netlbl_sk_security_reset(struct sk_security_struct *sksec)	157	void selinux_netlbl_sk_security_reset(struct sk_security_struct *sksec)


diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index ea7c01f4a2bf..6ef4af47dac4 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c
@@ -2806,7 +2806,7 @@ int selinux_audit_rule_init(u32 field, u32 op, char rulestr, void *vrule)
2806	case AUDIT_SUBJ_CLR:	2806	case AUDIT_SUBJ_CLR:
2807	case AUDIT_OBJ_LEV_LOW:	2807	case AUDIT_OBJ_LEV_LOW:
2808	case AUDIT_OBJ_LEV_HIGH:	2808	case AUDIT_OBJ_LEV_HIGH:
2809	/* we do not allow a range, indicated by the presense of '-' */	2809	/* we do not allow a range, indicated by the presence of '-' */
2810	if (strchr(rulestr, '-'))	2810	if (strchr(rulestr, '-'))
2811	return -EINVAL;	2811	return -EINVAL;
2812	break;	2812	break;
@@ -3075,7 +3075,7 @@ static void security_netlbl_cache_add(struct netlbl_lsm_secattr *secattr,
3075	* Description:	3075	* Description:
3076	* Convert the given NetLabel security attributes in @secattr into a	3076	* Convert the given NetLabel security attributes in @secattr into a
3077	* SELinux SID. If the @secattr field does not contain a full SELinux	3077	* SELinux SID. If the @secattr field does not contain a full SELinux
3078	* SID/context then use SECINITSID_NETMSG as the foundation. If possibile the	3078	* SID/context then use SECINITSID_NETMSG as the foundation. If possible the
3079	* 'cache' field of @secattr is set and the CACHE flag is set; this is to	3079	* 'cache' field of @secattr is set and the CACHE flag is set; this is to
3080	* allow the @secattr to be used by NetLabel to cache the secattr to SID	3080	* allow the @secattr to be used by NetLabel to cache the secattr to SID
3081	* conversion for future lookups. Returns zero on success, negative values on	3081	* conversion for future lookups. Returns zero on success, negative values on


diff --git a/security/smack/smack_access.c b/security/smack/smack_access.c index 86453db4333d..9637e107f7ea 100644 --- a/security/smack/smack_access.c +++ b/security/smack/smack_access.c
@@ -431,7 +431,7 @@ char smk_import(const char string, int len)
431	* smack_from_secid - find the Smack label associated with a secid	431	* smack_from_secid - find the Smack label associated with a secid
432	* @secid: an integer that might be associated with a Smack label	432	* @secid: an integer that might be associated with a Smack label
433	*	433	*
434	* Returns a pointer to the appropraite Smack label if there is one,	434	* Returns a pointer to the appropriate Smack label if there is one,
435	* otherwise a pointer to the invalid Smack label.	435	* otherwise a pointer to the invalid Smack label.
436	*/	436	*/
437	char *smack_from_secid(const u32 secid)	437	char *smack_from_secid(const u32 secid)


diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 23c7a6d0c80c..c6f8fcadae07 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c
@@ -1794,7 +1794,7 @@ static void smack_set_catset(char catset, struct netlbl_lsm_secattr sap)
1794	* Casey says that CIPSO is good enough for now.	1794	* Casey says that CIPSO is good enough for now.
1795	* It can be used to effect.	1795	* It can be used to effect.
1796	* It can also be abused to effect when necessary.	1796	* It can also be abused to effect when necessary.
1797	* Appologies to the TSIG group in general and GW in particular.	1797	* Apologies to the TSIG group in general and GW in particular.
1798	*/	1798	*/
1799	static void smack_to_secattr(char smack, struct netlbl_lsm_secattr nlsp)	1799	static void smack_to_secattr(char smack, struct netlbl_lsm_secattr nlsp)
1800	{	1800	{
@@ -2530,7 +2530,7 @@ static void smack_d_instantiate(struct dentry opt_dentry, struct inode inode)
2530	switch (sbp->s_magic) {	2530	switch (sbp->s_magic) {
2531	case SMACK_MAGIC:	2531	case SMACK_MAGIC:
2532	/*	2532	/*
2533	* Casey says that it's a little embarassing	2533	* Casey says that it's a little embarrassing
2534	* that the smack file system doesn't do	2534	* that the smack file system doesn't do
2535	* extended attributes.	2535	* extended attributes.
2536	*/	2536	*/
@@ -3084,7 +3084,7 @@ static int smack_inet_conn_request(struct sock sk, struct sk_buff skb,
3084	/*	3084	/*
3085	* We need to decide if we want to label the incoming connection here	3085	* We need to decide if we want to label the incoming connection here
3086	* if we do we only need to label the request_sock and the stack will	3086	* if we do we only need to label the request_sock and the stack will
3087	* propogate the wire-label to the sock when it is created.	3087	* propagate the wire-label to the sock when it is created.
3088	*/	3088	*/
3089	hdr = ip_hdr(skb);	3089	hdr = ip_hdr(skb);
3090	addr.sin_addr.s_addr = hdr->saddr;	3090	addr.sin_addr.s_addr = hdr->saddr;


diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c index 90d1bbaaa6f3..f93460156dce 100644 --- a/security/smack/smackfs.c +++ b/security/smack/smackfs.c
@@ -208,7 +208,7 @@ static ssize_t smk_write_load_list(struct file file, const char __user buf,
208	if (*ppos != 0)	208	if (*ppos != 0)
209	return -EINVAL;	209	return -EINVAL;
210	/*	210	/*
211	* Minor hack for backward compatability	211	* Minor hack for backward compatibility
212	*/	212	*/
213	if (count < (SMK_OLOADLEN) \|\| count > SMK_LOADLEN)	213	if (count < (SMK_OLOADLEN) \|\| count > SMK_LOADLEN)
214	return -EINVAL;	214	return -EINVAL;
@@ -223,7 +223,7 @@ static ssize_t smk_write_load_list(struct file file, const char __user buf,
223	}	223	}
224		224
225	/*	225	/*
226	* More on the minor hack for backward compatability	226	* More on the minor hack for backward compatibility
227	*/	227	*/
228	if (count == (SMK_OLOADLEN))	228	if (count == (SMK_OLOADLEN))
229	data[SMK_OLOADLEN] = '-';	229	data[SMK_OLOADLEN] = '-';
@@ -927,7 +927,7 @@ static ssize_t smk_write_netlbladdr(struct file file, const char __user buf,
927	}	927	}
928	} else {	928	} else {
929	/* we delete the unlabeled entry, only if the previous label	929	/* we delete the unlabeled entry, only if the previous label
930	* wasnt the special CIPSO option */	930	* wasn't the special CIPSO option */
931	if (skp->smk_label != smack_cipso_option)	931	if (skp->smk_label != smack_cipso_option)
932	rc = netlbl_cfg_unlbl_static_del(&init_net, NULL,	932	rc = netlbl_cfg_unlbl_static_del(&init_net, NULL,
933	&skp->smk_host.sin_addr, &skp->smk_mask,	933	&skp->smk_host.sin_addr, &skp->smk_mask,


diff --git a/security/tomoyo/load_policy.c b/security/tomoyo/load_policy.c index bbada7ca1b91..3312e5624f24 100644 --- a/security/tomoyo/load_policy.c +++ b/security/tomoyo/load_policy.c
@@ -23,7 +23,7 @@ static bool tomoyo_policy_loader_exists(void)
23	* If the initrd includes /sbin/init but real-root-dev has not	23	* If the initrd includes /sbin/init but real-root-dev has not
24	* mounted on / yet, activating MAC will block the system since	24	* mounted on / yet, activating MAC will block the system since
25	* policies are not loaded yet.	25	* policies are not loaded yet.
26	* Thus, let do_execve() call this function everytime.	26	* Thus, let do_execve() call this function every time.
27	*/	27	*/
28	struct path path;	28	struct path path;
29		29