From: Paul Moore <paul.moore@hp.com>
To: selinux@tycho.nsa.gov
Subject: [PATCH 4/6] selinux: Shuffle the sk_security_struct alloc and free routines
Date: Sat, 29 May 2010 17:53:44 -0400 [thread overview]
Message-ID: <20100529215344.4042.74670.stgit@flek.lan> (raw)
In-Reply-To: <20100529214628.4042.88276.stgit@flek.lan>
The sk_alloc_security() and sk_free_security() functions were only being
called by the selinux_sk_alloc_security() and selinux_sk_free_security()
functions so we just move the guts of the alloc/free routines to the
callers and eliminate a layer of indirection.
Signed-off-by: Paul Moore <paul.moore@hp.com>
---
security/selinux/hooks.c | 45 +++++++++++++++++----------------------------
1 files changed, 17 insertions(+), 28 deletions(-)
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index a4a0660..aa4e11c 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -279,32 +279,6 @@ static void superblock_free_security(struct super_block *sb)
kfree(sbsec);
}
-static int sk_alloc_security(struct sock *sk, int family, gfp_t priority)
-{
- struct sk_security_struct *sksec;
-
- sksec = kzalloc(sizeof(*sksec), priority);
- if (!sksec)
- return -ENOMEM;
-
- sksec->peer_sid = SECINITSID_UNLABELED;
- sksec->sid = SECINITSID_UNLABELED;
- sk->sk_security = sksec;
-
- selinux_netlbl_sk_security_reset(sksec);
-
- return 0;
-}
-
-static void sk_free_security(struct sock *sk)
-{
- struct sk_security_struct *sksec = sk->sk_security;
-
- sk->sk_security = NULL;
- selinux_netlbl_sk_security_free(sksec);
- kfree(sksec);
-}
-
/* The security server must be initialized before
any labeling or access decisions can be provided. */
extern int ss_initialized;
@@ -4265,12 +4239,27 @@ out:
static int selinux_sk_alloc_security(struct sock *sk, int family, gfp_t priority)
{
- return sk_alloc_security(sk, family, priority);
+ struct sk_security_struct *sksec;
+
+ sksec = kzalloc(sizeof(*sksec), priority);
+ if (!sksec)
+ return -ENOMEM;
+
+ sksec->peer_sid = SECINITSID_UNLABELED;
+ sksec->sid = SECINITSID_UNLABELED;
+ selinux_netlbl_sk_security_reset(sksec);
+ sk->sk_security = sksec;
+
+ return 0;
}
static void selinux_sk_free_security(struct sock *sk)
{
- sk_free_security(sk);
+ struct sk_security_struct *sksec = sk->sk_security;
+
+ sk->sk_security = NULL;
+ selinux_netlbl_sk_security_free(sksec);
+ kfree(sksec);
}
static void selinux_sk_clone_security(const struct sock *sk, struct sock *newsk)
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
next prev parent reply other threads:[~2010-05-29 21:53 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-05-29 21:53 [PATCH 0/6] SELinux UNIX domain socket fixes/cleanup Paul Moore
2010-05-29 21:53 ` [PATCH 1/6] selinux: Update socket's label alongside inode's label Paul Moore
2010-05-29 21:53 ` [PATCH 2/6] selinux: Set the peer label correctly on connected UNIX domain sockets Paul Moore
2010-05-29 21:53 ` [PATCH 3/6] selinux: Consolidate sockcreate_sid logic Paul Moore
2010-05-29 21:53 ` Paul Moore [this message]
2010-05-29 21:53 ` [PATCH 5/6] selinux: Convert socket related access controls to use socket labels Paul Moore
2010-05-29 21:53 ` [PATCH 6/6] selinux: Use current_security() when possible Paul Moore
2010-06-03 20:52 ` [PATCH 0/6] SELinux UNIX domain socket fixes/cleanup Paul Moore
2010-06-03 21:12 ` Eric Paris
2010-06-03 21:44 ` Paul Moore
2010-06-09 21:39 ` Paul Moore
2010-06-21 18:32 ` Paul Moore
2010-06-21 19:13 ` Paul Moore
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20100529215344.4042.74670.stgit@flek.lan \
--to=paul.moore@hp.com \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.