[redhat-lspp] Re: [RFC 5/7] NetLabel: SELinux support

Steve Grubb sgrubb at redhat.com
Sat Jul 8 16:13:39 UTC 2006 

On Thursday 06 July 2006 17:34, paul.moore at hp.com wrote:
> Index: linux-2.6.17.i686-quilt/security/selinux/ss/ebitmap.c
> ===================================================================
> --- linux-2.6.17.i686-quilt.orig/security/selinux/ss/ebitmap.c

> +int ebitmap_import(const unsigned char *src,
> +		   const u32 src_len,
> +		   struct ebitmap *dst)

const on pbv

> ===================================================================
> --- linux-2.6.17.i686-quilt.orig/security/selinux/ss/mls.c
> +++ linux-2.6.17.i686-quilt/security/selinux/ss/mls.c
> +int mls_import_lvl(struct context *context,
> +		   const u32 lvl_low,
> +		   const u32 lvl_high)

const on pbv

> +int mls_export_cat(const struct context *context,
> +		   unsigned char **cat_low,
> +		   u32 *cat_low_len,
> +		   unsigned char **cat_high,
> +		   u32 *cat_high_len)
> +{
> +export_cat_failure:
> +	if (cat_low != NULL && *cat_low != NULL)
> +		kfree(*cat_low);
> +	if (cat_high != NULL && *cat_high != NULL)
> +		kfree(*cat_high);

The 'if's can be shorted since kfree handles NULL.

> +int mls_import_cat(struct context *context,
> +		   const unsigned char *cat_low,
> +		   const u32 cat_low_len,
> +		   const unsigned char *cat_high,
> +		   const u32 cat_high_len)

const on pbv

> --- linux-2.6.17.i686-quilt.orig/security/selinux/ss/services.c
> +++ linux-2.6.17.i686-quilt/security/selinux/ss/services.c
> +static int selinux_netlbl_secattr_to_sid(struct sk_buff *skb,
> +					 struct netlbl_lsm_secattr *secattr,
> +					 const u32 base_sid,
> +					 u32 *sid)

same

> +static int selinux_netlbl_skbuff_getsid(struct sk_buff *skb,
> +					const u32 base_sid,
> +					u32 *sid)

same

> +static int selinux_netlbl_socket_setsid(struct socket *sock,
> +					const int sock_family,
> +					u32 sid)

same

> +int selinux_netlbl_socket_create(struct socket *sock,
> +				 const int sock_family,
> +				 u32 sid)

same

> +int selinux_netlbl_sock_rcv_skb(const u16 sock_class,
> +				const u32 sock_sid,
> +				struct sk_buff *skb,
> +				struct avc_audit_data *ad)

same

-Steve

More information about the redhat-lspp mailing list