diff options
Diffstat (limited to 'security')
| -rw-r--r-- | security/keys/keyring.c | 2 | ||||
| -rw-r--r-- | security/selinux/hooks.c | 6 | ||||
| -rw-r--r-- | security/selinux/netlink.c | 4 |
3 files changed, 7 insertions, 5 deletions
diff --git a/security/keys/keyring.c b/security/keys/keyring.c index ad45ce73964b..88292e3dee96 100644 --- a/security/keys/keyring.c +++ b/security/keys/keyring.c | |||
| @@ -66,6 +66,8 @@ struct key_type key_type_keyring = { | |||
| 66 | .read = keyring_read, | 66 | .read = keyring_read, |
| 67 | }; | 67 | }; |
| 68 | 68 | ||
| 69 | EXPORT_SYMBOL(key_type_keyring); | ||
| 70 | |||
| 69 | /* | 71 | /* |
| 70 | * semaphore to serialise link/link calls to prevent two link calls in parallel | 72 | * semaphore to serialise link/link calls to prevent two link calls in parallel |
| 71 | * introducing a cycle | 73 | * introducing a cycle |
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 68629aa039ed..885a9a958b8d 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
| @@ -2944,7 +2944,7 @@ static int selinux_parse_skb_ipv4(struct sk_buff *skb, | |||
| 2944 | int offset, ihlen, ret = -EINVAL; | 2944 | int offset, ihlen, ret = -EINVAL; |
| 2945 | struct iphdr _iph, *ih; | 2945 | struct iphdr _iph, *ih; |
| 2946 | 2946 | ||
| 2947 | offset = skb->nh.raw - skb->data; | 2947 | offset = skb_network_offset(skb); |
| 2948 | ih = skb_header_pointer(skb, offset, sizeof(_iph), &_iph); | 2948 | ih = skb_header_pointer(skb, offset, sizeof(_iph), &_iph); |
| 2949 | if (ih == NULL) | 2949 | if (ih == NULL) |
| 2950 | goto out; | 2950 | goto out; |
| @@ -3026,7 +3026,7 @@ static int selinux_parse_skb_ipv6(struct sk_buff *skb, | |||
| 3026 | int ret = -EINVAL, offset; | 3026 | int ret = -EINVAL, offset; |
| 3027 | struct ipv6hdr _ipv6h, *ip6; | 3027 | struct ipv6hdr _ipv6h, *ip6; |
| 3028 | 3028 | ||
| 3029 | offset = skb->nh.raw - skb->data; | 3029 | offset = skb_network_offset(skb); |
| 3030 | ip6 = skb_header_pointer(skb, offset, sizeof(_ipv6h), &_ipv6h); | 3030 | ip6 = skb_header_pointer(skb, offset, sizeof(_ipv6h), &_ipv6h); |
| 3031 | if (ip6 == NULL) | 3031 | if (ip6 == NULL) |
| 3032 | goto out; | 3032 | goto out; |
| @@ -3812,7 +3812,7 @@ static int selinux_nlmsg_perm(struct sock *sk, struct sk_buff *skb) | |||
| 3812 | err = -EINVAL; | 3812 | err = -EINVAL; |
| 3813 | goto out; | 3813 | goto out; |
| 3814 | } | 3814 | } |
| 3815 | nlh = (struct nlmsghdr *)skb->data; | 3815 | nlh = nlmsg_hdr(skb); |
| 3816 | 3816 | ||
| 3817 | err = selinux_nlmsg_lookup(isec->sclass, nlh->nlmsg_type, &perm); | 3817 | err = selinux_nlmsg_lookup(isec->sclass, nlh->nlmsg_type, &perm); |
| 3818 | if (err) { | 3818 | if (err) { |
diff --git a/security/selinux/netlink.c b/security/selinux/netlink.c index e203883406dd..f49046de63a2 100644 --- a/security/selinux/netlink.c +++ b/security/selinux/netlink.c | |||
| @@ -66,7 +66,7 @@ static void selnl_add_payload(struct nlmsghdr *nlh, int len, int msgtype, void * | |||
| 66 | static void selnl_notify(int msgtype, void *data) | 66 | static void selnl_notify(int msgtype, void *data) |
| 67 | { | 67 | { |
| 68 | int len; | 68 | int len; |
| 69 | unsigned char *tmp; | 69 | sk_buff_data_t tmp; |
| 70 | struct sk_buff *skb; | 70 | struct sk_buff *skb; |
| 71 | struct nlmsghdr *nlh; | 71 | struct nlmsghdr *nlh; |
| 72 | 72 | ||
| @@ -104,7 +104,7 @@ void selnl_notify_policyload(u32 seqno) | |||
| 104 | 104 | ||
| 105 | static int __init selnl_init(void) | 105 | static int __init selnl_init(void) |
| 106 | { | 106 | { |
| 107 | selnl = netlink_kernel_create(NETLINK_SELINUX, SELNLGRP_MAX, NULL, | 107 | selnl = netlink_kernel_create(NETLINK_SELINUX, SELNLGRP_MAX, NULL, NULL, |
| 108 | THIS_MODULE); | 108 | THIS_MODULE); |
| 109 | if (selnl == NULL) | 109 | if (selnl == NULL) |
| 110 | panic("SELinux: Cannot create netlink socket."); | 110 | panic("SELinux: Cannot create netlink socket."); |