aboutsummaryrefslogtreecommitdiffstats
path: root/security/selinux
diff options
context:
space:
mode:
Diffstat (limited to 'security/selinux')
-rw-r--r--security/selinux/hooks.c50
-rw-r--r--security/selinux/include/netlabel.h8
-rw-r--r--security/selinux/netlabel.c14
3 files changed, 36 insertions, 36 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 63c2d36d55ab..ebee467e2913 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -293,28 +293,28 @@ static void superblock_free_security(struct super_block *sb)
293 293
294static int sk_alloc_security(struct sock *sk, int family, gfp_t priority) 294static int sk_alloc_security(struct sock *sk, int family, gfp_t priority)
295{ 295{
296 struct sk_security_struct *ssec; 296 struct sk_security_struct *sksec;
297 297
298 ssec = kzalloc(sizeof(*ssec), priority); 298 sksec = kzalloc(sizeof(*sksec), priority);
299 if (!ssec) 299 if (!sksec)
300 return -ENOMEM; 300 return -ENOMEM;
301 301
302 ssec->peer_sid = SECINITSID_UNLABELED; 302 sksec->peer_sid = SECINITSID_UNLABELED;
303 ssec->sid = SECINITSID_UNLABELED; 303 sksec->sid = SECINITSID_UNLABELED;
304 sk->sk_security = ssec; 304 sk->sk_security = sksec;
305 305
306 selinux_netlbl_sk_security_reset(ssec); 306 selinux_netlbl_sk_security_reset(sksec);
307 307
308 return 0; 308 return 0;
309} 309}
310 310
311static void sk_free_security(struct sock *sk) 311static void sk_free_security(struct sock *sk)
312{ 312{
313 struct sk_security_struct *ssec = sk->sk_security; 313 struct sk_security_struct *sksec = sk->sk_security;
314 314
315 sk->sk_security = NULL; 315 sk->sk_security = NULL;
316 selinux_netlbl_sk_security_free(ssec); 316 selinux_netlbl_sk_security_free(sksec);
317 kfree(ssec); 317 kfree(sksec);
318} 318}
319 319
320/* The security server must be initialized before 320/* The security server must be initialized before
@@ -4002,7 +4002,7 @@ static int selinux_socket_unix_stream_connect(struct socket *sock,
4002 struct socket *other, 4002 struct socket *other,
4003 struct sock *newsk) 4003 struct sock *newsk)
4004{ 4004{
4005 struct sk_security_struct *ssec; 4005 struct sk_security_struct *sksec;
4006 struct inode_security_struct *isec; 4006 struct inode_security_struct *isec;
4007 struct inode_security_struct *other_isec; 4007 struct inode_security_struct *other_isec;
4008 struct common_audit_data ad; 4008 struct common_audit_data ad;
@@ -4021,13 +4021,13 @@ static int selinux_socket_unix_stream_connect(struct socket *sock,
4021 return err; 4021 return err;
4022 4022
4023 /* connecting socket */ 4023 /* connecting socket */
4024 ssec = sock->sk->sk_security; 4024 sksec = sock->sk->sk_security;
4025 ssec->peer_sid = other_isec->sid; 4025 sksec->peer_sid = other_isec->sid;
4026 4026
4027 /* server child socket */ 4027 /* server child socket */
4028 ssec = newsk->sk_security; 4028 sksec = newsk->sk_security;
4029 ssec->peer_sid = isec->sid; 4029 sksec->peer_sid = isec->sid;
4030 err = security_sid_mls_copy(other_isec->sid, ssec->peer_sid, &ssec->sid); 4030 err = security_sid_mls_copy(other_isec->sid, sksec->peer_sid, &sksec->sid);
4031 4031
4032 return err; 4032 return err;
4033} 4033}
@@ -4190,7 +4190,7 @@ static int selinux_socket_getpeersec_stream(struct socket *sock, char __user *op
4190 int err = 0; 4190 int err = 0;
4191 char *scontext; 4191 char *scontext;
4192 u32 scontext_len; 4192 u32 scontext_len;
4193 struct sk_security_struct *ssec; 4193 struct sk_security_struct *sksec;
4194 struct inode_security_struct *isec; 4194 struct inode_security_struct *isec;
4195 u32 peer_sid = SECSID_NULL; 4195 u32 peer_sid = SECSID_NULL;
4196 4196
@@ -4198,8 +4198,8 @@ static int selinux_socket_getpeersec_stream(struct socket *sock, char __user *op
4198 4198
4199 if (isec->sclass == SECCLASS_UNIX_STREAM_SOCKET || 4199 if (isec->sclass == SECCLASS_UNIX_STREAM_SOCKET ||
4200 isec->sclass == SECCLASS_TCP_SOCKET) { 4200 isec->sclass == SECCLASS_TCP_SOCKET) {
4201 ssec = sock->sk->sk_security; 4201 sksec = sock->sk->sk_security;
4202 peer_sid = ssec->peer_sid; 4202 peer_sid = sksec->peer_sid;
4203 } 4203 }
4204 if (peer_sid == SECSID_NULL) { 4204 if (peer_sid == SECSID_NULL) {
4205 err = -ENOPROTOOPT; 4205 err = -ENOPROTOOPT;
@@ -4266,14 +4266,14 @@ static void selinux_sk_free_security(struct sock *sk)
4266 4266
4267static void selinux_sk_clone_security(const struct sock *sk, struct sock *newsk) 4267static void selinux_sk_clone_security(const struct sock *sk, struct sock *newsk)
4268{ 4268{
4269 struct sk_security_struct *ssec = sk->sk_security; 4269 struct sk_security_struct *sksec = sk->sk_security;
4270 struct sk_security_struct *newssec = newsk->sk_security; 4270 struct sk_security_struct *newsksec = newsk->sk_security;
4271 4271
4272 newssec->sid = ssec->sid; 4272 newsksec->sid = sksec->sid;
4273 newssec->peer_sid = ssec->peer_sid; 4273 newsksec->peer_sid = sksec->peer_sid;
4274 newssec->sclass = ssec->sclass; 4274 newsksec->sclass = sksec->sclass;
4275 4275
4276 selinux_netlbl_sk_security_reset(newssec); 4276 selinux_netlbl_sk_security_reset(newsksec);
4277} 4277}
4278 4278
4279static void selinux_sk_getsecid(struct sock *sk, u32 *secid) 4279static void selinux_sk_getsecid(struct sock *sk, u32 *secid)
diff --git a/security/selinux/include/netlabel.h b/security/selinux/include/netlabel.h
index 8d7384280a7a..cf2f628e6e28 100644
--- a/security/selinux/include/netlabel.h
+++ b/security/selinux/include/netlabel.h
@@ -42,8 +42,8 @@ void selinux_netlbl_cache_invalidate(void);
42 42
43void selinux_netlbl_err(struct sk_buff *skb, int error, int gateway); 43void selinux_netlbl_err(struct sk_buff *skb, int error, int gateway);
44 44
45void selinux_netlbl_sk_security_free(struct sk_security_struct *ssec); 45void selinux_netlbl_sk_security_free(struct sk_security_struct *sksec);
46void selinux_netlbl_sk_security_reset(struct sk_security_struct *ssec); 46void selinux_netlbl_sk_security_reset(struct sk_security_struct *sksec);
47 47
48int selinux_netlbl_skbuff_getsid(struct sk_buff *skb, 48int selinux_netlbl_skbuff_getsid(struct sk_buff *skb,
49 u16 family, 49 u16 family,
@@ -79,13 +79,13 @@ static inline void selinux_netlbl_err(struct sk_buff *skb,
79} 79}
80 80
81static inline void selinux_netlbl_sk_security_free( 81static inline void selinux_netlbl_sk_security_free(
82 struct sk_security_struct *ssec) 82 struct sk_security_struct *sksec)
83{ 83{
84 return; 84 return;
85} 85}
86 86
87static inline void selinux_netlbl_sk_security_reset( 87static inline void selinux_netlbl_sk_security_reset(
88 struct sk_security_struct *ssec) 88 struct sk_security_struct *sksec)
89{ 89{
90 return; 90 return;
91} 91}
diff --git a/security/selinux/netlabel.c b/security/selinux/netlabel.c
index 2534400317c5..3d09a2afc33c 100644
--- a/security/selinux/netlabel.c
+++ b/security/selinux/netlabel.c
@@ -131,21 +131,21 @@ void selinux_netlbl_err(struct sk_buff *skb, int error, int gateway)
131 131
132/** 132/**
133 * selinux_netlbl_sk_security_free - Free the NetLabel fields 133 * selinux_netlbl_sk_security_free - Free the NetLabel fields
134 * @sssec: the sk_security_struct 134 * @sksec: the sk_security_struct
135 * 135 *
136 * Description: 136 * Description:
137 * Free all of the memory in the NetLabel fields of a sk_security_struct. 137 * Free all of the memory in the NetLabel fields of a sk_security_struct.
138 * 138 *
139 */ 139 */
140void selinux_netlbl_sk_security_free(struct sk_security_struct *ssec) 140void selinux_netlbl_sk_security_free(struct sk_security_struct *sksec)
141{ 141{
142 if (ssec->nlbl_secattr != NULL) 142 if (sksec->nlbl_secattr != NULL)
143 netlbl_secattr_free(ssec->nlbl_secattr); 143 netlbl_secattr_free(sksec->nlbl_secattr);
144} 144}
145 145
146/** 146/**
147 * selinux_netlbl_sk_security_reset - Reset the NetLabel fields 147 * selinux_netlbl_sk_security_reset - Reset the NetLabel fields
148 * @ssec: the sk_security_struct 148 * @sksec: the sk_security_struct
149 * @family: the socket family 149 * @family: the socket family
150 * 150 *
151 * Description: 151 * Description:
@@ -153,9 +153,9 @@ void selinux_netlbl_sk_security_free(struct sk_security_struct *ssec)
153 * The caller is responsibile for all the NetLabel sk_security_struct locking. 153 * The caller is responsibile for all the NetLabel sk_security_struct locking.
154 * 154 *
155 */ 155 */
156void selinux_netlbl_sk_security_reset(struct sk_security_struct *ssec) 156void selinux_netlbl_sk_security_reset(struct sk_security_struct *sksec)
157{ 157{
158 ssec->nlbl_state = NLBL_UNSET; 158 sksec->nlbl_state = NLBL_UNSET;
159} 159}
160 160
161/** 161/**