aboutsummaryrefslogtreecommitdiffstats
path: root/net/netlabel/netlabel_unlabeled.c
diff options
context:
space:
mode:
Diffstat (limited to 'net/netlabel/netlabel_unlabeled.c')
-rw-r--r--net/netlabel/netlabel_unlabeled.c30
1 files changed, 20 insertions, 10 deletions
diff --git a/net/netlabel/netlabel_unlabeled.c b/net/netlabel/netlabel_unlabeled.c
index 42e81fd8cc49..3e745b72fded 100644
--- a/net/netlabel/netlabel_unlabeled.c
+++ b/net/netlabel/netlabel_unlabeled.c
@@ -180,6 +180,7 @@ static void netlbl_unlabel_audit_addr4(struct audit_buffer *audit_buf,
180 } 180 }
181} 181}
182 182
183#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
183/** 184/**
184 * netlbl_unlabel_audit_addr6 - Audit an IPv6 address 185 * netlbl_unlabel_audit_addr6 - Audit an IPv6 address
185 * @audit_buf: audit buffer 186 * @audit_buf: audit buffer
@@ -213,6 +214,7 @@ static void netlbl_unlabel_audit_addr6(struct audit_buffer *audit_buf,
213 audit_log_format(audit_buf, " src_prefixlen=%d", mask_len); 214 audit_log_format(audit_buf, " src_prefixlen=%d", mask_len);
214 } 215 }
215} 216}
217#endif /* IPv6 */
216 218
217/* 219/*
218 * Unlabeled Connection Hash Table Functions 220 * Unlabeled Connection Hash Table Functions
@@ -617,8 +619,6 @@ static int netlbl_unlhsh_add(struct net *net,
617 int ifindex; 619 int ifindex;
618 struct net_device *dev; 620 struct net_device *dev;
619 struct netlbl_unlhsh_iface *iface; 621 struct netlbl_unlhsh_iface *iface;
620 struct in_addr *addr4, *mask4;
621 struct in6_addr *addr6, *mask6;
622 struct audit_buffer *audit_buf = NULL; 622 struct audit_buffer *audit_buf = NULL;
623 char *secctx = NULL; 623 char *secctx = NULL;
624 u32 secctx_len; 624 u32 secctx_len;
@@ -651,7 +651,9 @@ static int netlbl_unlhsh_add(struct net *net,
651 audit_buf = netlbl_audit_start_common(AUDIT_MAC_UNLBL_STCADD, 651 audit_buf = netlbl_audit_start_common(AUDIT_MAC_UNLBL_STCADD,
652 audit_info); 652 audit_info);
653 switch (addr_len) { 653 switch (addr_len) {
654 case sizeof(struct in_addr): 654 case sizeof(struct in_addr): {
655 struct in_addr *addr4, *mask4;
656
655 addr4 = (struct in_addr *)addr; 657 addr4 = (struct in_addr *)addr;
656 mask4 = (struct in_addr *)mask; 658 mask4 = (struct in_addr *)mask;
657 ret_val = netlbl_unlhsh_add_addr4(iface, addr4, mask4, secid); 659 ret_val = netlbl_unlhsh_add_addr4(iface, addr4, mask4, secid);
@@ -661,8 +663,11 @@ static int netlbl_unlhsh_add(struct net *net,
661 addr4->s_addr, 663 addr4->s_addr,
662 mask4->s_addr); 664 mask4->s_addr);
663 break; 665 break;
666 }
664#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 667#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
665 case sizeof(struct in6_addr): 668 case sizeof(struct in6_addr): {
669 struct in6_addr *addr6, *mask6;
670
666 addr6 = (struct in6_addr *)addr; 671 addr6 = (struct in6_addr *)addr;
667 mask6 = (struct in6_addr *)mask; 672 mask6 = (struct in6_addr *)mask;
668 ret_val = netlbl_unlhsh_add_addr6(iface, addr6, mask6, secid); 673 ret_val = netlbl_unlhsh_add_addr6(iface, addr6, mask6, secid);
@@ -671,6 +676,7 @@ static int netlbl_unlhsh_add(struct net *net,
671 dev_name, 676 dev_name,
672 addr6, mask6); 677 addr6, mask6);
673 break; 678 break;
679 }
674#endif /* IPv6 */ 680#endif /* IPv6 */
675 default: 681 default:
676 ret_val = -EINVAL; 682 ret_val = -EINVAL;
@@ -1741,10 +1747,6 @@ int netlbl_unlabel_getattr(const struct sk_buff *skb,
1741 u16 family, 1747 u16 family,
1742 struct netlbl_lsm_secattr *secattr) 1748 struct netlbl_lsm_secattr *secattr)
1743{ 1749{
1744 struct iphdr *hdr4;
1745 struct ipv6hdr *hdr6;
1746 struct netlbl_unlhsh_addr4 *addr4;
1747 struct netlbl_unlhsh_addr6 *addr6;
1748 struct netlbl_unlhsh_iface *iface; 1750 struct netlbl_unlhsh_iface *iface;
1749 1751
1750 rcu_read_lock(); 1752 rcu_read_lock();
@@ -1752,21 +1754,29 @@ int netlbl_unlabel_getattr(const struct sk_buff *skb,
1752 if (iface == NULL) 1754 if (iface == NULL)
1753 goto unlabel_getattr_nolabel; 1755 goto unlabel_getattr_nolabel;
1754 switch (family) { 1756 switch (family) {
1755 case PF_INET: 1757 case PF_INET: {
1758 struct iphdr *hdr4;
1759 struct netlbl_unlhsh_addr4 *addr4;
1760
1756 hdr4 = ip_hdr(skb); 1761 hdr4 = ip_hdr(skb);
1757 addr4 = netlbl_unlhsh_search_addr4(hdr4->saddr, iface); 1762 addr4 = netlbl_unlhsh_search_addr4(hdr4->saddr, iface);
1758 if (addr4 == NULL) 1763 if (addr4 == NULL)
1759 goto unlabel_getattr_nolabel; 1764 goto unlabel_getattr_nolabel;
1760 secattr->attr.secid = addr4->secid; 1765 secattr->attr.secid = addr4->secid;
1761 break; 1766 break;
1767 }
1762#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 1768#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
1763 case PF_INET6: 1769 case PF_INET6: {
1770 struct ipv6hdr *hdr6;
1771 struct netlbl_unlhsh_addr6 *addr6;
1772
1764 hdr6 = ipv6_hdr(skb); 1773 hdr6 = ipv6_hdr(skb);
1765 addr6 = netlbl_unlhsh_search_addr6(&hdr6->saddr, iface); 1774 addr6 = netlbl_unlhsh_search_addr6(&hdr6->saddr, iface);
1766 if (addr6 == NULL) 1775 if (addr6 == NULL)
1767 goto unlabel_getattr_nolabel; 1776 goto unlabel_getattr_nolabel;
1768 secattr->attr.secid = addr6->secid; 1777 secattr->attr.secid = addr6->secid;
1769 break; 1778 break;
1779 }
1770#endif /* IPv6 */ 1780#endif /* IPv6 */
1771 default: 1781 default:
1772 goto unlabel_getattr_nolabel; 1782 goto unlabel_getattr_nolabel;
generated by cgit v1.2.2 (git 2.25.0) at 2024-11-21 13:19:59 -0500