summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorDavid S. Miller <davem@davemloft.net>2011-03-12 06:29:39 +0100
committerDavid S. Miller <davem@davemloft.net>2011-03-13 00:08:44 +0100
commit1d28f42c1bd4bb2363d88df74d0128b4da135b4a (patch)
treecb2e652fe79a2bc307e871bc2d3fa51cc8051e45 /security
parentxfrm: Eliminate "fl" and "pol" args to xfrm_bundle_ok(). (diff)
downloadlinux-1d28f42c1bd4bb2363d88df74d0128b4da135b4a.tar.xz
linux-1d28f42c1bd4bb2363d88df74d0128b4da135b4a.zip
net: Put flowi_* prefix on AF independent members of struct flowi
I intend to turn struct flowi into a union of AF specific flowi structs. There will be a common structure that each variant includes first, much like struct sock_common. This is the first step to move in that direction. Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'security')
-rw-r--r--security/security.c4
-rw-r--r--security/selinux/hooks.c2
-rw-r--r--security/selinux/xfrm.c4
3 files changed, 5 insertions, 5 deletions
diff --git a/security/security.c b/security/security.c
index 8ef1f7dff277..bae843c8a13e 100644
--- a/security/security.c
+++ b/security/security.c
@@ -1100,7 +1100,7 @@ void security_sk_clone(const struct sock *sk, struct sock *newsk)
void security_sk_classify_flow(struct sock *sk, struct flowi *fl)
{
- security_ops->sk_getsecid(sk, &fl->secid);
+ security_ops->sk_getsecid(sk, &fl->flowi_secid);
}
EXPORT_SYMBOL(security_sk_classify_flow);
@@ -1246,7 +1246,7 @@ int security_xfrm_decode_session(struct sk_buff *skb, u32 *secid)
void security_skb_classify_flow(struct sk_buff *skb, struct flowi *fl)
{
- int rc = security_ops->xfrm_decode_session(skb, &fl->secid, 0);
+ int rc = security_ops->xfrm_decode_session(skb, &fl->flowi_secid, 0);
BUG_ON(rc);
}
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index cef42f5d69a2..c178494850a9 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -4306,7 +4306,7 @@ static void selinux_secmark_refcount_dec(void)
static void selinux_req_classify_flow(const struct request_sock *req,
struct flowi *fl)
{
- fl->secid = req->secid;
+ fl->flowi_secid = req->secid;
}
static int selinux_tun_dev_create(void)
diff --git a/security/selinux/xfrm.c b/security/selinux/xfrm.c
index c43ab542246c..510ec2cf6c23 100644
--- a/security/selinux/xfrm.c
+++ b/security/selinux/xfrm.c
@@ -135,10 +135,10 @@ int selinux_xfrm_state_pol_flow_match(struct xfrm_state *x, struct xfrm_policy *
state_sid = x->security->ctx_sid;
- if (fl->secid != state_sid)
+ if (fl->flowi_secid != state_sid)
return 0;
- rc = avc_has_perm(fl->secid, state_sid, SECCLASS_ASSOCIATION,
+ rc = avc_has_perm(fl->flowi_secid, state_sid, SECCLASS_ASSOCIATION,
ASSOCIATION__SENDTO,
NULL)? 0:1;