lk/linux-kernel-test
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

SELinux: Correct the NetLabel locking for the sk_security_struct

Browse Source 
The RCU/spinlock locking approach for the nlbl_state in the sk_security_struct
was almost certainly overkill.  This patch removes both the RCU and spinlock
locking, relying on the existing socket locks to handle the case of multiple
writers.  This change also makes several code reductions possible.

Less locking, less code - it's a Good Thing.

Signed-off-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>
This commit is contained in:
Paul Moore
2008-02-25 11:40:33 -05:00
committed by James Morris
parent 4b119e21d0
commit f74af6e816
4 changed files with 15 additions and 87 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
security/selinux/hooks.c
View File

@@ -280,7 +280,7 @@ static int sk_alloc_security(struct sock *sk, int family, gfp_t priority)
ssec->sid = SECINITSID_UNLABELED;
sk->sk_security = ssec;
selinux_netlbl_sk_security_init(ssec, family);
selinux_netlbl_sk_security_reset(ssec, family);
return 0;
}
@@ -4139,7 +4139,7 @@ static void selinux_sk_clone_security(const struct sock *sk, struct sock *newsk)
newssec->peer_sid = ssec->peer_sid;
newssec->sclass = ssec->sclass;
selinux_netlbl_sk_security_clone(ssec, newssec);
selinux_netlbl_sk_security_reset(newssec, newsk->sk_family);
}
static void selinux_sk_getsecid(struct sock *sk, u32 *secid)