aboutsummaryrefslogtreecommitdiffstats
path: root/security/selinux
diff options
context:
space:
mode:
Diffstat (limited to 'security/selinux')
-rw-r--r--security/selinux/netif.c19
1 files changed, 9 insertions, 10 deletions
diff --git a/security/selinux/netif.c b/security/selinux/netif.c
index 9c8a82aa8baf..c658b84c3196 100644
--- a/security/selinux/netif.c
+++ b/security/selinux/netif.c
@@ -8,7 +8,7 @@
8 * 8 *
9 * Copyright (C) 2003 Red Hat, Inc., James Morris <jmorris@redhat.com> 9 * Copyright (C) 2003 Red Hat, Inc., James Morris <jmorris@redhat.com>
10 * Copyright (C) 2007 Hewlett-Packard Development Company, L.P. 10 * Copyright (C) 2007 Hewlett-Packard Development Company, L.P.
11 * Paul Moore <paul.moore@hp.com> 11 * Paul Moore <paul.moore@hp.com>
12 * 12 *
13 * This program is free software; you can redistribute it and/or modify 13 * This program is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License version 2, 14 * it under the terms of the GNU General Public License version 2,
@@ -31,8 +31,7 @@
31#define SEL_NETIF_HASH_SIZE 64 31#define SEL_NETIF_HASH_SIZE 64
32#define SEL_NETIF_HASH_MAX 1024 32#define SEL_NETIF_HASH_MAX 1024
33 33
34struct sel_netif 34struct sel_netif {
35{
36 struct list_head list; 35 struct list_head list;
37 struct netif_security_struct nsec; 36 struct netif_security_struct nsec;
38 struct rcu_head rcu_head; 37 struct rcu_head rcu_head;
@@ -92,10 +91,10 @@ static inline struct sel_netif *sel_netif_find(int ifindex)
92static int sel_netif_insert(struct sel_netif *netif) 91static int sel_netif_insert(struct sel_netif *netif)
93{ 92{
94 int idx; 93 int idx;
95 94
96 if (sel_netif_total >= SEL_NETIF_HASH_MAX) 95 if (sel_netif_total >= SEL_NETIF_HASH_MAX)
97 return -ENOSPC; 96 return -ENOSPC;
98 97
99 idx = sel_netif_hashfn(netif->nsec.ifindex); 98 idx = sel_netif_hashfn(netif->nsec.ifindex);
100 list_add_rcu(&netif->list, &sel_netif_hash[idx]); 99 list_add_rcu(&netif->list, &sel_netif_hash[idx]);
101 sel_netif_total++; 100 sel_netif_total++;
@@ -267,7 +266,7 @@ static void sel_netif_flush(void)
267} 266}
268 267
269static int sel_netif_avc_callback(u32 event, u32 ssid, u32 tsid, 268static int sel_netif_avc_callback(u32 event, u32 ssid, u32 tsid,
270 u16 class, u32 perms, u32 *retained) 269 u16 class, u32 perms, u32 *retained)
271{ 270{
272 if (event == AVC_CALLBACK_RESET) { 271 if (event == AVC_CALLBACK_RESET) {
273 sel_netif_flush(); 272 sel_netif_flush();
@@ -277,7 +276,7 @@ static int sel_netif_avc_callback(u32 event, u32 ssid, u32 tsid,
277} 276}
278 277
279static int sel_netif_netdev_notifier_handler(struct notifier_block *this, 278static int sel_netif_netdev_notifier_handler(struct notifier_block *this,
280 unsigned long event, void *ptr) 279 unsigned long event, void *ptr)
281{ 280{
282 struct net_device *dev = ptr; 281 struct net_device *dev = ptr;
283 282
@@ -297,7 +296,7 @@ static struct notifier_block sel_netif_netdev_notifier = {
297static __init int sel_netif_init(void) 296static __init int sel_netif_init(void)
298{ 297{
299 int i, err; 298 int i, err;
300 299
301 if (!selinux_enabled) 300 if (!selinux_enabled)
302 return 0; 301 return 0;
303 302
@@ -305,9 +304,9 @@ static __init int sel_netif_init(void)
305 INIT_LIST_HEAD(&sel_netif_hash[i]); 304 INIT_LIST_HEAD(&sel_netif_hash[i]);
306 305
307 register_netdevice_notifier(&sel_netif_netdev_notifier); 306 register_netdevice_notifier(&sel_netif_netdev_notifier);
308 307
309 err = avc_add_callback(sel_netif_avc_callback, AVC_CALLBACK_RESET, 308 err = avc_add_callback(sel_netif_avc_callback, AVC_CALLBACK_RESET,
310 SECSID_NULL, SECSID_NULL, SECCLASS_NULL, 0); 309 SECSID_NULL, SECSID_NULL, SECCLASS_NULL, 0);
311 if (err) 310 if (err)
312 panic("avc_add_callback() failed, error %d\n", err); 311 panic("avc_add_callback() failed, error %d\n", err);
313 312