diff options
Diffstat (limited to 'security')
| -rw-r--r-- | security/apparmor/lsm.c | 4 | ||||
| -rw-r--r-- | security/keys/key.c | 4 | ||||
| -rw-r--r-- | security/selinux/netif.c | 4 | ||||
| -rw-r--r-- | security/selinux/netnode.c | 3 | ||||
| -rw-r--r-- | security/selinux/netport.c | 3 | ||||
| -rw-r--r-- | security/tomoyo/realpath.c | 5 |
6 files changed, 11 insertions, 12 deletions
diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index 998100093332..65ca451a764d 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c | |||
| @@ -668,7 +668,7 @@ static int param_set_aabool(const char *val, const struct kernel_param *kp); | |||
| 668 | static int param_get_aabool(char *buffer, const struct kernel_param *kp); | 668 | static int param_get_aabool(char *buffer, const struct kernel_param *kp); |
| 669 | #define param_check_aabool param_check_bool | 669 | #define param_check_aabool param_check_bool |
| 670 | static struct kernel_param_ops param_ops_aabool = { | 670 | static struct kernel_param_ops param_ops_aabool = { |
| 671 | .flags = KERNEL_PARAM_FL_NOARG, | 671 | .flags = KERNEL_PARAM_OPS_FL_NOARG, |
| 672 | .set = param_set_aabool, | 672 | .set = param_set_aabool, |
| 673 | .get = param_get_aabool | 673 | .get = param_get_aabool |
| 674 | }; | 674 | }; |
| @@ -685,7 +685,7 @@ static int param_set_aalockpolicy(const char *val, const struct kernel_param *kp | |||
| 685 | static int param_get_aalockpolicy(char *buffer, const struct kernel_param *kp); | 685 | static int param_get_aalockpolicy(char *buffer, const struct kernel_param *kp); |
| 686 | #define param_check_aalockpolicy param_check_bool | 686 | #define param_check_aalockpolicy param_check_bool |
| 687 | static struct kernel_param_ops param_ops_aalockpolicy = { | 687 | static struct kernel_param_ops param_ops_aalockpolicy = { |
| 688 | .flags = KERNEL_PARAM_FL_NOARG, | 688 | .flags = KERNEL_PARAM_OPS_FL_NOARG, |
| 689 | .set = param_set_aalockpolicy, | 689 | .set = param_set_aalockpolicy, |
| 690 | .get = param_get_aalockpolicy | 690 | .get = param_get_aalockpolicy |
| 691 | }; | 691 | }; |
diff --git a/security/keys/key.c b/security/keys/key.c index b90a68c4e2c4..6d0cad16f002 100644 --- a/security/keys/key.c +++ b/security/keys/key.c | |||
| @@ -27,8 +27,8 @@ DEFINE_SPINLOCK(key_serial_lock); | |||
| 27 | struct rb_root key_user_tree; /* tree of quota records indexed by UID */ | 27 | struct rb_root key_user_tree; /* tree of quota records indexed by UID */ |
| 28 | DEFINE_SPINLOCK(key_user_lock); | 28 | DEFINE_SPINLOCK(key_user_lock); |
| 29 | 29 | ||
| 30 | unsigned int key_quota_root_maxkeys = 200; /* root's key count quota */ | 30 | unsigned int key_quota_root_maxkeys = 1000000; /* root's key count quota */ |
| 31 | unsigned int key_quota_root_maxbytes = 20000; /* root's key space quota */ | 31 | unsigned int key_quota_root_maxbytes = 25000000; /* root's key space quota */ |
| 32 | unsigned int key_quota_maxkeys = 200; /* general key count quota */ | 32 | unsigned int key_quota_maxkeys = 200; /* general key count quota */ |
| 33 | unsigned int key_quota_maxbytes = 20000; /* general key space quota */ | 33 | unsigned int key_quota_maxbytes = 20000; /* general key space quota */ |
| 34 | 34 | ||
diff --git a/security/selinux/netif.c b/security/selinux/netif.c index 3c3de4ca0ebc..50ce177d71a0 100644 --- a/security/selinux/netif.c +++ b/security/selinux/netif.c | |||
| @@ -272,7 +272,7 @@ static struct notifier_block sel_netif_netdev_notifier = { | |||
| 272 | 272 | ||
| 273 | static __init int sel_netif_init(void) | 273 | static __init int sel_netif_init(void) |
| 274 | { | 274 | { |
| 275 | int i, err; | 275 | int i; |
| 276 | 276 | ||
| 277 | if (!selinux_enabled) | 277 | if (!selinux_enabled) |
| 278 | return 0; | 278 | return 0; |
| @@ -282,7 +282,7 @@ static __init int sel_netif_init(void) | |||
| 282 | 282 | ||
| 283 | register_netdevice_notifier(&sel_netif_netdev_notifier); | 283 | register_netdevice_notifier(&sel_netif_netdev_notifier); |
| 284 | 284 | ||
| 285 | return err; | 285 | return 0; |
| 286 | } | 286 | } |
| 287 | 287 | ||
| 288 | __initcall(sel_netif_init); | 288 | __initcall(sel_netif_init); |
diff --git a/security/selinux/netnode.c b/security/selinux/netnode.c index ddf315260839..da923f89d2a9 100644 --- a/security/selinux/netnode.c +++ b/security/selinux/netnode.c | |||
| @@ -303,7 +303,6 @@ void sel_netnode_flush(void) | |||
| 303 | static __init int sel_netnode_init(void) | 303 | static __init int sel_netnode_init(void) |
| 304 | { | 304 | { |
| 305 | int iter; | 305 | int iter; |
| 306 | int ret; | ||
| 307 | 306 | ||
| 308 | if (!selinux_enabled) | 307 | if (!selinux_enabled) |
| 309 | return 0; | 308 | return 0; |
| @@ -313,7 +312,7 @@ static __init int sel_netnode_init(void) | |||
| 313 | sel_netnode_hash[iter].size = 0; | 312 | sel_netnode_hash[iter].size = 0; |
| 314 | } | 313 | } |
| 315 | 314 | ||
| 316 | return ret; | 315 | return 0; |
| 317 | } | 316 | } |
| 318 | 317 | ||
| 319 | __initcall(sel_netnode_init); | 318 | __initcall(sel_netnode_init); |
diff --git a/security/selinux/netport.c b/security/selinux/netport.c index 73ac6784d091..3311cc393cb4 100644 --- a/security/selinux/netport.c +++ b/security/selinux/netport.c | |||
| @@ -237,7 +237,6 @@ void sel_netport_flush(void) | |||
| 237 | static __init int sel_netport_init(void) | 237 | static __init int sel_netport_init(void) |
| 238 | { | 238 | { |
| 239 | int iter; | 239 | int iter; |
| 240 | int ret; | ||
| 241 | 240 | ||
| 242 | if (!selinux_enabled) | 241 | if (!selinux_enabled) |
| 243 | return 0; | 242 | return 0; |
| @@ -247,7 +246,7 @@ static __init int sel_netport_init(void) | |||
| 247 | sel_netport_hash[iter].size = 0; | 246 | sel_netport_hash[iter].size = 0; |
| 248 | } | 247 | } |
| 249 | 248 | ||
| 250 | return ret; | 249 | return 0; |
| 251 | } | 250 | } |
| 252 | 251 | ||
| 253 | __initcall(sel_netport_init); | 252 | __initcall(sel_netport_init); |
diff --git a/security/tomoyo/realpath.c b/security/tomoyo/realpath.c index a3386d119425..bed745c8b1a3 100644 --- a/security/tomoyo/realpath.c +++ b/security/tomoyo/realpath.c | |||
| @@ -173,7 +173,7 @@ static char *tomoyo_get_local_path(struct dentry *dentry, char * const buffer, | |||
| 173 | * Use filesystem name if filesystem does not support rename() | 173 | * Use filesystem name if filesystem does not support rename() |
| 174 | * operation. | 174 | * operation. |
| 175 | */ | 175 | */ |
| 176 | if (!inode->i_op->rename) | 176 | if (!inode->i_op->rename && !inode->i_op->rename2) |
| 177 | goto prepend_filesystem_name; | 177 | goto prepend_filesystem_name; |
| 178 | } | 178 | } |
| 179 | /* Prepend device name. */ | 179 | /* Prepend device name. */ |
| @@ -282,7 +282,8 @@ char *tomoyo_realpath_from_path(struct path *path) | |||
| 282 | * Get local name for filesystems without rename() operation | 282 | * Get local name for filesystems without rename() operation |
| 283 | * or dentry without vfsmount. | 283 | * or dentry without vfsmount. |
| 284 | */ | 284 | */ |
| 285 | if (!path->mnt || !inode->i_op->rename) | 285 | if (!path->mnt || |
| 286 | (!inode->i_op->rename && !inode->i_op->rename2)) | ||
| 286 | pos = tomoyo_get_local_path(path->dentry, buf, | 287 | pos = tomoyo_get_local_path(path->dentry, buf, |
| 287 | buf_len - 1); | 288 | buf_len - 1); |
| 288 | /* Get absolute name for the rest. */ | 289 | /* Get absolute name for the rest. */ |