diff options
Diffstat (limited to 'net/netlabel/netlabel_kapi.c')
-rw-r--r-- | net/netlabel/netlabel_kapi.c | 21 |
1 files changed, 11 insertions, 10 deletions
diff --git a/net/netlabel/netlabel_kapi.c b/net/netlabel/netlabel_kapi.c index 4f50949722a9..c69e3e1f05c3 100644 --- a/net/netlabel/netlabel_kapi.c +++ b/net/netlabel/netlabel_kapi.c | |||
@@ -34,6 +34,7 @@ | |||
34 | #include <net/netlabel.h> | 34 | #include <net/netlabel.h> |
35 | #include <net/cipso_ipv4.h> | 35 | #include <net/cipso_ipv4.h> |
36 | #include <asm/bug.h> | 36 | #include <asm/bug.h> |
37 | #include <asm/atomic.h> | ||
37 | 38 | ||
38 | #include "netlabel_domainhash.h" | 39 | #include "netlabel_domainhash.h" |
39 | #include "netlabel_unlabeled.h" | 40 | #include "netlabel_unlabeled.h" |
@@ -262,7 +263,7 @@ int netlbl_enabled(void) | |||
262 | /* At some point we probably want to expose this mechanism to the user | 263 | /* At some point we probably want to expose this mechanism to the user |
263 | * as well so that admins can toggle NetLabel regardless of the | 264 | * as well so that admins can toggle NetLabel regardless of the |
264 | * configuration */ | 265 | * configuration */ |
265 | return (netlbl_mgmt_protocount_value() > 0 ? 1 : 0); | 266 | return (atomic_read(&netlabel_mgmt_protocount) > 0); |
266 | } | 267 | } |
267 | 268 | ||
268 | /** | 269 | /** |
@@ -311,7 +312,7 @@ socket_setattr_return: | |||
311 | * @secattr: the security attributes | 312 | * @secattr: the security attributes |
312 | * | 313 | * |
313 | * Description: | 314 | * Description: |
314 | * Examines the given sock to see any NetLabel style labeling has been | 315 | * Examines the given sock to see if any NetLabel style labeling has been |
315 | * applied to the sock, if so it parses the socket label and returns the | 316 | * applied to the sock, if so it parses the socket label and returns the |
316 | * security attributes in @secattr. Returns zero on success, negative values | 317 | * security attributes in @secattr. Returns zero on success, negative values |
317 | * on failure. | 318 | * on failure. |
@@ -319,18 +320,13 @@ socket_setattr_return: | |||
319 | */ | 320 | */ |
320 | int netlbl_sock_getattr(struct sock *sk, struct netlbl_lsm_secattr *secattr) | 321 | int netlbl_sock_getattr(struct sock *sk, struct netlbl_lsm_secattr *secattr) |
321 | { | 322 | { |
322 | int ret_val; | 323 | return cipso_v4_sock_getattr(sk, secattr); |
323 | |||
324 | ret_val = cipso_v4_sock_getattr(sk, secattr); | ||
325 | if (ret_val == 0) | ||
326 | return 0; | ||
327 | |||
328 | return netlbl_unlabel_getattr(secattr); | ||
329 | } | 324 | } |
330 | 325 | ||
331 | /** | 326 | /** |
332 | * netlbl_skbuff_getattr - Determine the security attributes of a packet | 327 | * netlbl_skbuff_getattr - Determine the security attributes of a packet |
333 | * @skb: the packet | 328 | * @skb: the packet |
329 | * @family: protocol family | ||
334 | * @secattr: the security attributes | 330 | * @secattr: the security attributes |
335 | * | 331 | * |
336 | * Description: | 332 | * Description: |
@@ -341,13 +337,14 @@ int netlbl_sock_getattr(struct sock *sk, struct netlbl_lsm_secattr *secattr) | |||
341 | * | 337 | * |
342 | */ | 338 | */ |
343 | int netlbl_skbuff_getattr(const struct sk_buff *skb, | 339 | int netlbl_skbuff_getattr(const struct sk_buff *skb, |
340 | u16 family, | ||
344 | struct netlbl_lsm_secattr *secattr) | 341 | struct netlbl_lsm_secattr *secattr) |
345 | { | 342 | { |
346 | if (CIPSO_V4_OPTEXIST(skb) && | 343 | if (CIPSO_V4_OPTEXIST(skb) && |
347 | cipso_v4_skbuff_getattr(skb, secattr) == 0) | 344 | cipso_v4_skbuff_getattr(skb, secattr) == 0) |
348 | return 0; | 345 | return 0; |
349 | 346 | ||
350 | return netlbl_unlabel_getattr(secattr); | 347 | return netlbl_unlabel_getattr(skb, family, secattr); |
351 | } | 348 | } |
352 | 349 | ||
353 | /** | 350 | /** |
@@ -431,6 +428,10 @@ static int __init netlbl_init(void) | |||
431 | if (ret_val != 0) | 428 | if (ret_val != 0) |
432 | goto init_failure; | 429 | goto init_failure; |
433 | 430 | ||
431 | ret_val = netlbl_unlabel_init(NETLBL_UNLHSH_BITSIZE); | ||
432 | if (ret_val != 0) | ||
433 | goto init_failure; | ||
434 | |||
434 | ret_val = netlbl_netlink_init(); | 435 | ret_val = netlbl_netlink_init(); |
435 | if (ret_val != 0) | 436 | if (ret_val != 0) |
436 | goto init_failure; | 437 | goto init_failure; |