Commit dd3e7836 authored by Eric Paris's avatar Eric Paris Committed by James Morris

selinux: always call sk_security_struct sksec

trying to grep everything that messes with a sk_security_struct isn't easy
since we don't always call it sksec.  Just rename everything sksec.
Signed-off-by: default avatarEric Paris <eparis@redhat.com>
Signed-off-by: default avatarJames Morris <jmorris@namei.org>
parent d25d6fa1
......@@ -293,28 +293,28 @@ static void superblock_free_security(struct super_block *sb)
static int sk_alloc_security(struct sock *sk, int family, gfp_t priority)
{
struct sk_security_struct *ssec;
struct sk_security_struct *sksec;
ssec = kzalloc(sizeof(*ssec), priority);
if (!ssec)
sksec = kzalloc(sizeof(*sksec), priority);
if (!sksec)
return -ENOMEM;
ssec->peer_sid = SECINITSID_UNLABELED;
ssec->sid = SECINITSID_UNLABELED;
sk->sk_security = ssec;
sksec->peer_sid = SECINITSID_UNLABELED;
sksec->sid = SECINITSID_UNLABELED;
sk->sk_security = sksec;
selinux_netlbl_sk_security_reset(ssec);
selinux_netlbl_sk_security_reset(sksec);
return 0;
}
static void sk_free_security(struct sock *sk)
{
struct sk_security_struct *ssec = sk->sk_security;
struct sk_security_struct *sksec = sk->sk_security;
sk->sk_security = NULL;
selinux_netlbl_sk_security_free(ssec);
kfree(ssec);
selinux_netlbl_sk_security_free(sksec);
kfree(sksec);
}
/* The security server must be initialized before
......@@ -4002,7 +4002,7 @@ static int selinux_socket_unix_stream_connect(struct socket *sock,
struct socket *other,
struct sock *newsk)
{
struct sk_security_struct *ssec;
struct sk_security_struct *sksec;
struct inode_security_struct *isec;
struct inode_security_struct *other_isec;
struct common_audit_data ad;
......@@ -4021,13 +4021,13 @@ static int selinux_socket_unix_stream_connect(struct socket *sock,
return err;
/* connecting socket */
ssec = sock->sk->sk_security;
ssec->peer_sid = other_isec->sid;
sksec = sock->sk->sk_security;
sksec->peer_sid = other_isec->sid;
/* server child socket */
ssec = newsk->sk_security;
ssec->peer_sid = isec->sid;
err = security_sid_mls_copy(other_isec->sid, ssec->peer_sid, &ssec->sid);
sksec = newsk->sk_security;
sksec->peer_sid = isec->sid;
err = security_sid_mls_copy(other_isec->sid, sksec->peer_sid, &sksec->sid);
return err;
}
......@@ -4190,7 +4190,7 @@ static int selinux_socket_getpeersec_stream(struct socket *sock, char __user *op
int err = 0;
char *scontext;
u32 scontext_len;
struct sk_security_struct *ssec;
struct sk_security_struct *sksec;
struct inode_security_struct *isec;
u32 peer_sid = SECSID_NULL;
......@@ -4198,8 +4198,8 @@ static int selinux_socket_getpeersec_stream(struct socket *sock, char __user *op
if (isec->sclass == SECCLASS_UNIX_STREAM_SOCKET ||
isec->sclass == SECCLASS_TCP_SOCKET) {
ssec = sock->sk->sk_security;
peer_sid = ssec->peer_sid;
sksec = sock->sk->sk_security;
peer_sid = sksec->peer_sid;
}
if (peer_sid == SECSID_NULL) {
err = -ENOPROTOOPT;
......@@ -4266,14 +4266,14 @@ static void selinux_sk_free_security(struct sock *sk)
static void selinux_sk_clone_security(const struct sock *sk, struct sock *newsk)
{
struct sk_security_struct *ssec = sk->sk_security;
struct sk_security_struct *newssec = newsk->sk_security;
struct sk_security_struct *sksec = sk->sk_security;
struct sk_security_struct *newsksec = newsk->sk_security;
newssec->sid = ssec->sid;
newssec->peer_sid = ssec->peer_sid;
newssec->sclass = ssec->sclass;
newsksec->sid = sksec->sid;
newsksec->peer_sid = sksec->peer_sid;
newsksec->sclass = sksec->sclass;
selinux_netlbl_sk_security_reset(newssec);
selinux_netlbl_sk_security_reset(newsksec);
}
static void selinux_sk_getsecid(struct sock *sk, u32 *secid)
......
......@@ -42,8 +42,8 @@ void selinux_netlbl_cache_invalidate(void);
void selinux_netlbl_err(struct sk_buff *skb, int error, int gateway);
void selinux_netlbl_sk_security_free(struct sk_security_struct *ssec);
void selinux_netlbl_sk_security_reset(struct sk_security_struct *ssec);
void selinux_netlbl_sk_security_free(struct sk_security_struct *sksec);
void selinux_netlbl_sk_security_reset(struct sk_security_struct *sksec);
int selinux_netlbl_skbuff_getsid(struct sk_buff *skb,
u16 family,
......@@ -79,13 +79,13 @@ static inline void selinux_netlbl_err(struct sk_buff *skb,
}
static inline void selinux_netlbl_sk_security_free(
struct sk_security_struct *ssec)
struct sk_security_struct *sksec)
{
return;
}
static inline void selinux_netlbl_sk_security_reset(
struct sk_security_struct *ssec)
struct sk_security_struct *sksec)
{
return;
}
......
......@@ -131,21 +131,21 @@ void selinux_netlbl_err(struct sk_buff *skb, int error, int gateway)
/**
* selinux_netlbl_sk_security_free - Free the NetLabel fields
* @sssec: the sk_security_struct
* @sksec: the sk_security_struct
*
* Description:
* Free all of the memory in the NetLabel fields of a sk_security_struct.
*
*/
void selinux_netlbl_sk_security_free(struct sk_security_struct *ssec)
void selinux_netlbl_sk_security_free(struct sk_security_struct *sksec)
{
if (ssec->nlbl_secattr != NULL)
netlbl_secattr_free(ssec->nlbl_secattr);
if (sksec->nlbl_secattr != NULL)
netlbl_secattr_free(sksec->nlbl_secattr);
}
/**
* selinux_netlbl_sk_security_reset - Reset the NetLabel fields
* @ssec: the sk_security_struct
* @sksec: the sk_security_struct
* @family: the socket family
*
* Description:
......@@ -153,9 +153,9 @@ void selinux_netlbl_sk_security_free(struct sk_security_struct *ssec)
* The caller is responsibile for all the NetLabel sk_security_struct locking.
*
*/
void selinux_netlbl_sk_security_reset(struct sk_security_struct *ssec)
void selinux_netlbl_sk_security_reset(struct sk_security_struct *sksec)
{
ssec->nlbl_state = NLBL_UNSET;
sksec->nlbl_state = NLBL_UNSET;
}
/**
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment