summaryrefslogtreecommitdiffstats
path: root/security/selinux/hooks.c
diff options
context:
space:
mode:
authorPaul Moore <paul.moore@hp.com>2008-01-29 14:44:18 +0100
committerJames Morris <jmorris@namei.org>2008-01-29 22:17:27 +0100
commit5dbe1eb0cfc144a2b0cb1466e22bcb6fc34229a8 (patch)
treee1e028acaf0dd08cbcacd2c125f60230f820b442 /security/selinux/hooks.c
parentSELinux: Enable dynamic enable/disable of the network access checks (diff)
downloadlinux-5dbe1eb0cfc144a2b0cb1466e22bcb6fc34229a8.tar.xz
linux-5dbe1eb0cfc144a2b0cb1466e22bcb6fc34229a8.zip
SELinux: Allow NetLabel to directly cache SIDs
Now that the SELinux NetLabel "base SID" is always the netmsg initial SID we can do a big optimization - caching the SID and not just the MLS attributes. This not only saves a lot of per-packet memory allocations and copies but it has a nice side effect of removing a chunk of code. Signed-off-by: Paul Moore <paul.moore@hp.com> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/selinux/hooks.c')
-rw-r--r--security/selinux/hooks.c6
1 files changed, 1 insertions, 5 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 6156241c8770..c90e865a8603 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -3468,11 +3468,7 @@ static int selinux_skb_peerlbl_sid(struct sk_buff *skb, u16 family, u32 *sid)
u32 nlbl_type;
selinux_skb_xfrm_sid(skb, &xfrm_sid);
- selinux_netlbl_skbuff_getsid(skb,
- family,
- SECINITSID_NETMSG,
- &nlbl_type,
- &nlbl_sid);
+ selinux_netlbl_skbuff_getsid(skb, family, &nlbl_type, &nlbl_sid);
if (security_net_peersid_resolve(nlbl_sid, nlbl_type,
xfrm_sid,