Commit 84914b7e authored by Paul Moore's avatar Paul Moore Committed by James Morris
Browse files

selinux: Shuffle the sk_security_struct alloc and free routines



The sk_alloc_security() and sk_free_security() functions were only being
called by the selinux_sk_alloc_security() and selinux_sk_free_security()
functions so we just move the guts of the alloc/free routines to the
callers and eliminate a layer of indirection.
Signed-off-by: default avatarPaul Moore <paul.moore@hp.com>
Acked-by: default avatarEric Paris <eparis@redhat.com>
Signed-off-by: default avatarJames Morris <jmorris@namei.org>
parent d4f2d978
......@@ -279,32 +279,6 @@ static void superblock_free_security(struct super_block *sb)
kfree(sbsec);
}
static int sk_alloc_security(struct sock *sk, int family, gfp_t priority)
{
struct sk_security_struct *sksec;
sksec = kzalloc(sizeof(*sksec), priority);
if (!sksec)
return -ENOMEM;
sksec->peer_sid = SECINITSID_UNLABELED;
sksec->sid = SECINITSID_UNLABELED;
sk->sk_security = sksec;
selinux_netlbl_sk_security_reset(sksec);
return 0;
}
static void sk_free_security(struct sock *sk)
{
struct sk_security_struct *sksec = sk->sk_security;
sk->sk_security = NULL;
selinux_netlbl_sk_security_free(sksec);
kfree(sksec);
}
/* The security server must be initialized before
any labeling or access decisions can be provided. */
extern int ss_initialized;
......@@ -4224,12 +4198,27 @@ out:
static int selinux_sk_alloc_security(struct sock *sk, int family, gfp_t priority)
{
return sk_alloc_security(sk, family, priority);
struct sk_security_struct *sksec;
sksec = kzalloc(sizeof(*sksec), priority);
if (!sksec)
return -ENOMEM;
sksec->peer_sid = SECINITSID_UNLABELED;
sksec->sid = SECINITSID_UNLABELED;
selinux_netlbl_sk_security_reset(sksec);
sk->sk_security = sksec;
return 0;
}
static void selinux_sk_free_security(struct sock *sk)
{
sk_free_security(sk);
struct sk_security_struct *sksec = sk->sk_security;
sk->sk_security = NULL;
selinux_netlbl_sk_security_free(sksec);
kfree(sksec);
}
static void selinux_sk_clone_security(const struct sock *sk, struct sock *newsk)
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment