aboutsummaryrefslogtreecommitdiffstats
path: root/net/netlabel/netlabel_kapi.c
diff options
context:
space:
mode:
Diffstat (limited to 'net/netlabel/netlabel_kapi.c')
-rw-r--r--net/netlabel/netlabel_kapi.c21
1 files changed, 11 insertions, 10 deletions
diff --git a/net/netlabel/netlabel_kapi.c b/net/netlabel/netlabel_kapi.c
index 4f50949722a9..c69e3e1f05c3 100644
--- a/net/netlabel/netlabel_kapi.c
+++ b/net/netlabel/netlabel_kapi.c
@@ -34,6 +34,7 @@
34#include <net/netlabel.h> 34#include <net/netlabel.h>
35#include <net/cipso_ipv4.h> 35#include <net/cipso_ipv4.h>
36#include <asm/bug.h> 36#include <asm/bug.h>
37#include <asm/atomic.h>
37 38
38#include "netlabel_domainhash.h" 39#include "netlabel_domainhash.h"
39#include "netlabel_unlabeled.h" 40#include "netlabel_unlabeled.h"
@@ -262,7 +263,7 @@ int netlbl_enabled(void)
262 /* At some point we probably want to expose this mechanism to the user 263 /* At some point we probably want to expose this mechanism to the user
263 * as well so that admins can toggle NetLabel regardless of the 264 * as well so that admins can toggle NetLabel regardless of the
264 * configuration */ 265 * configuration */
265 return (netlbl_mgmt_protocount_value() > 0 ? 1 : 0); 266 return (atomic_read(&netlabel_mgmt_protocount) > 0);
266} 267}
267 268
268/** 269/**
@@ -311,7 +312,7 @@ socket_setattr_return:
311 * @secattr: the security attributes 312 * @secattr: the security attributes
312 * 313 *
313 * Description: 314 * Description:
314 * Examines the given sock to see any NetLabel style labeling has been 315 * Examines the given sock to see if any NetLabel style labeling has been
315 * applied to the sock, if so it parses the socket label and returns the 316 * applied to the sock, if so it parses the socket label and returns the
316 * security attributes in @secattr. Returns zero on success, negative values 317 * security attributes in @secattr. Returns zero on success, negative values
317 * on failure. 318 * on failure.
@@ -319,18 +320,13 @@ socket_setattr_return:
319 */ 320 */
320int netlbl_sock_getattr(struct sock *sk, struct netlbl_lsm_secattr *secattr) 321int netlbl_sock_getattr(struct sock *sk, struct netlbl_lsm_secattr *secattr)
321{ 322{
322 int ret_val; 323 return cipso_v4_sock_getattr(sk, secattr);
323
324 ret_val = cipso_v4_sock_getattr(sk, secattr);
325 if (ret_val == 0)
326 return 0;
327
328 return netlbl_unlabel_getattr(secattr);
329} 324}
330 325
331/** 326/**
332 * netlbl_skbuff_getattr - Determine the security attributes of a packet 327 * netlbl_skbuff_getattr - Determine the security attributes of a packet
333 * @skb: the packet 328 * @skb: the packet
329 * @family: protocol family
334 * @secattr: the security attributes 330 * @secattr: the security attributes
335 * 331 *
336 * Description: 332 * Description:
@@ -341,13 +337,14 @@ int netlbl_sock_getattr(struct sock *sk, struct netlbl_lsm_secattr *secattr)
341 * 337 *
342 */ 338 */
343int netlbl_skbuff_getattr(const struct sk_buff *skb, 339int netlbl_skbuff_getattr(const struct sk_buff *skb,
340 u16 family,
344 struct netlbl_lsm_secattr *secattr) 341 struct netlbl_lsm_secattr *secattr)
345{ 342{
346 if (CIPSO_V4_OPTEXIST(skb) && 343 if (CIPSO_V4_OPTEXIST(skb) &&
347 cipso_v4_skbuff_getattr(skb, secattr) == 0) 344 cipso_v4_skbuff_getattr(skb, secattr) == 0)
348 return 0; 345 return 0;
349 346
350 return netlbl_unlabel_getattr(secattr); 347 return netlbl_unlabel_getattr(skb, family, secattr);
351} 348}
352 349
353/** 350/**
@@ -431,6 +428,10 @@ static int __init netlbl_init(void)
431 if (ret_val != 0) 428 if (ret_val != 0)
432 goto init_failure; 429 goto init_failure;
433 430
431 ret_val = netlbl_unlabel_init(NETLBL_UNLHSH_BITSIZE);
432 if (ret_val != 0)
433 goto init_failure;
434
434 ret_val = netlbl_netlink_init(); 435 ret_val = netlbl_netlink_init();
435 if (ret_val != 0) 436 if (ret_val != 0)
436 goto init_failure; 437 goto init_failure;