diff options
Diffstat (limited to 'security/selinux/hooks.c')
| -rw-r--r-- | security/selinux/hooks.c | 21 |
1 files changed, 3 insertions, 18 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 4ae834d89bce..b7773bf68efa 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
| @@ -232,7 +232,6 @@ static void superblock_free_security(struct super_block *sb) | |||
| 232 | kfree(sbsec); | 232 | kfree(sbsec); |
| 233 | } | 233 | } |
| 234 | 234 | ||
| 235 | #ifdef CONFIG_SECURITY_NETWORK | ||
| 236 | static int sk_alloc_security(struct sock *sk, int family, gfp_t priority) | 235 | static int sk_alloc_security(struct sock *sk, int family, gfp_t priority) |
| 237 | { | 236 | { |
| 238 | struct sk_security_struct *ssec; | 237 | struct sk_security_struct *ssec; |
| @@ -261,7 +260,6 @@ static void sk_free_security(struct sock *sk) | |||
| 261 | sk->sk_security = NULL; | 260 | sk->sk_security = NULL; |
| 262 | kfree(ssec); | 261 | kfree(ssec); |
| 263 | } | 262 | } |
| 264 | #endif /* CONFIG_SECURITY_NETWORK */ | ||
| 265 | 263 | ||
| 266 | /* The security server must be initialized before | 264 | /* The security server must be initialized before |
| 267 | any labeling or access decisions can be provided. */ | 265 | any labeling or access decisions can be provided. */ |
| @@ -2736,8 +2734,6 @@ static void selinux_task_to_inode(struct task_struct *p, | |||
| 2736 | return; | 2734 | return; |
| 2737 | } | 2735 | } |
| 2738 | 2736 | ||
| 2739 | #ifdef CONFIG_SECURITY_NETWORK | ||
| 2740 | |||
| 2741 | /* Returns error only if unable to parse addresses */ | 2737 | /* Returns error only if unable to parse addresses */ |
| 2742 | static int selinux_parse_skb_ipv4(struct sk_buff *skb, struct avc_audit_data *ad) | 2738 | static int selinux_parse_skb_ipv4(struct sk_buff *skb, struct avc_audit_data *ad) |
| 2743 | { | 2739 | { |
| @@ -3556,15 +3552,6 @@ static unsigned int selinux_ipv6_postroute_last(unsigned int hooknum, | |||
| 3556 | 3552 | ||
| 3557 | #endif /* CONFIG_NETFILTER */ | 3553 | #endif /* CONFIG_NETFILTER */ |
| 3558 | 3554 | ||
| 3559 | #else | ||
| 3560 | |||
| 3561 | static inline int selinux_nlmsg_perm(struct sock *sk, struct sk_buff *skb) | ||
| 3562 | { | ||
| 3563 | return 0; | ||
| 3564 | } | ||
| 3565 | |||
| 3566 | #endif /* CONFIG_SECURITY_NETWORK */ | ||
| 3567 | |||
| 3568 | static int selinux_netlink_send(struct sock *sk, struct sk_buff *skb) | 3555 | static int selinux_netlink_send(struct sock *sk, struct sk_buff *skb) |
| 3569 | { | 3556 | { |
| 3570 | struct task_security_struct *tsec; | 3557 | struct task_security_struct *tsec; |
| @@ -4340,7 +4327,6 @@ static struct security_operations selinux_ops = { | |||
| 4340 | .getprocattr = selinux_getprocattr, | 4327 | .getprocattr = selinux_getprocattr, |
| 4341 | .setprocattr = selinux_setprocattr, | 4328 | .setprocattr = selinux_setprocattr, |
| 4342 | 4329 | ||
| 4343 | #ifdef CONFIG_SECURITY_NETWORK | ||
| 4344 | .unix_stream_connect = selinux_socket_unix_stream_connect, | 4330 | .unix_stream_connect = selinux_socket_unix_stream_connect, |
| 4345 | .unix_may_send = selinux_socket_unix_may_send, | 4331 | .unix_may_send = selinux_socket_unix_may_send, |
| 4346 | 4332 | ||
| @@ -4362,7 +4348,6 @@ static struct security_operations selinux_ops = { | |||
| 4362 | .sk_alloc_security = selinux_sk_alloc_security, | 4348 | .sk_alloc_security = selinux_sk_alloc_security, |
| 4363 | .sk_free_security = selinux_sk_free_security, | 4349 | .sk_free_security = selinux_sk_free_security, |
| 4364 | .sk_getsid = selinux_sk_getsid_security, | 4350 | .sk_getsid = selinux_sk_getsid_security, |
| 4365 | #endif | ||
| 4366 | 4351 | ||
| 4367 | #ifdef CONFIG_SECURITY_NETWORK_XFRM | 4352 | #ifdef CONFIG_SECURITY_NETWORK_XFRM |
| 4368 | .xfrm_policy_alloc_security = selinux_xfrm_policy_alloc, | 4353 | .xfrm_policy_alloc_security = selinux_xfrm_policy_alloc, |
| @@ -4440,7 +4425,7 @@ next_sb: | |||
| 4440 | all processes and objects when they are created. */ | 4425 | all processes and objects when they are created. */ |
| 4441 | security_initcall(selinux_init); | 4426 | security_initcall(selinux_init); |
| 4442 | 4427 | ||
| 4443 | #if defined(CONFIG_SECURITY_NETWORK) && defined(CONFIG_NETFILTER) | 4428 | #if defined(CONFIG_NETFILTER) |
| 4444 | 4429 | ||
| 4445 | static struct nf_hook_ops selinux_ipv4_op = { | 4430 | static struct nf_hook_ops selinux_ipv4_op = { |
| 4446 | .hook = selinux_ipv4_postroute_last, | 4431 | .hook = selinux_ipv4_postroute_last, |
| @@ -4501,13 +4486,13 @@ static void selinux_nf_ip_exit(void) | |||
| 4501 | } | 4486 | } |
| 4502 | #endif | 4487 | #endif |
| 4503 | 4488 | ||
| 4504 | #else /* CONFIG_SECURITY_NETWORK && CONFIG_NETFILTER */ | 4489 | #else /* CONFIG_NETFILTER */ |
| 4505 | 4490 | ||
| 4506 | #ifdef CONFIG_SECURITY_SELINUX_DISABLE | 4491 | #ifdef CONFIG_SECURITY_SELINUX_DISABLE |
| 4507 | #define selinux_nf_ip_exit() | 4492 | #define selinux_nf_ip_exit() |
| 4508 | #endif | 4493 | #endif |
| 4509 | 4494 | ||
| 4510 | #endif /* CONFIG_SECURITY_NETWORK && CONFIG_NETFILTER */ | 4495 | #endif /* CONFIG_NETFILTER */ |
| 4511 | 4496 | ||
| 4512 | #ifdef CONFIG_SECURITY_SELINUX_DISABLE | 4497 | #ifdef CONFIG_SECURITY_SELINUX_DISABLE |
| 4513 | int selinux_disable(void) | 4498 | int selinux_disable(void) |