Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

SELinux: avc: remove the useless fields in avc_add_callback

avc_add_callback is now used only for registering reset functions
in initcalls, and the callback functions only perform reset operations.
So reducing the arguments to a single event is enough now.

Signed-off-by: Wanlong Gao <gaowanlong@cn.fujitsu.com>
Signed-off-by: Eric Paris <eparis@redhat.com>

authored by

Wanlong Gao and committed by
Eric Paris
562c99f2 0b36e44c

+15 -47
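--- a/security/selinux/avc.c
+++ b/security/selinux/avc.c
@@ -65,14 +65,8 @@
 };
 
 struct avc_callback_node {
-	int (*callback) (u32 event, u32 ssid, u32 tsid,
-			 u16 tclass, u32 perms,
-			 u32 *out_retained);
+	int (*callback) (u32 event);
 	u32 events;
-	u32 ssid;
-	u32 tsid;
-	u16 tclass;
-	u32 perms;
 	struct avc_callback_node *next;
 };
 
@@ -499,22 +493,12 @@
  * avc_add_callback - Register a callback for security events.
  * @callback: callback function
  * @events: security events
- * @ssid: source security identifier or %SECSID_WILD
- * @tsid: target security identifier or %SECSID_WILD
- * @tclass: target security class
- * @perms: permissions
  *
- * Register a callback function for events in the set @events
- * related to the SID pair (@ssid, @tsid)
- * and the permissions @perms, interpreting
- * @perms based on @tclass. Returns %0 on success or
- * -%ENOMEM if insufficient memory exists to add the callback.
+ * Register a callback function for events in the set @events.
+ * Returns %0 on success or -%ENOMEM if insufficient memory
+ * exists to add the callback.
  */
-int __init avc_add_callback(int (*callback)(u32 event, u32 ssid, u32 tsid,
-				     u16 tclass, u32 perms,
-				     u32 *out_retained),
-		     u32 events, u32 ssid, u32 tsid,
-		     u16 tclass, u32 perms)
+int __init avc_add_callback(int (*callback)(u32 event), u32 events)
 {
 	struct avc_callback_node *c;
 	int rc = 0;
@@ -527,9 +511,6 @@
 
 	c->callback = callback;
 	c->events = events;
-	c->ssid = ssid;
-	c->tsid = tsid;
-	c->perms = perms;
 	c->next = avc_callbacks;
 	avc_callbacks = c;
 out:
@@ -669,8 +650,7 @@
 
 	for (c = avc_callbacks; c; c = c->next) {
 		if (c->events & AVC_CALLBACK_RESET) {
-			tmprc = c->callback(AVC_CALLBACK_RESET,
-					    0, 0, 0, 0, NULL);
+			tmprc = c->callback(AVC_CALLBACK_RESET);
 			/* save the first error encountered for the return
 			   value and continue processing the callbacks */
 			if (!rc)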
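Review bot: The kernel-doc rewritten in the second hunk still does not say that registration is init-only, which is what the list handling appears to rely on. `avc_add_callback()` is `__init` and pushes onto `avc_callbacks` with a plain `c->next = avc_callbacks; avc_callbacks = c;`, and the walk in the last hunk reads the list with no lock visible in the hunk, so this looks safe only because the list cannot change after boot. I would add to the comment: `Callbacks may only be registered from initcalls; the list is never modified afterwards.` Both function bodies extend outside the hunks, so any locking there is not visible here.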
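--- a/security/selinux/include/avc.h
+++ b/security/selinux/include/avc.h
@@ -170,11 +170,7 @@
 #define AVC_CALLBACK_AUDITDENY_ENABLE 64
 #define AVC_CALLBACK_AUDITDENY_DISABLE 128
 
-int avc_add_callback(int (*callback)(u32 event, u32 ssid, u32 tsid,
-				     u16 tclass, u32 perms,
-				     u32 *out_retained),
-		     u32 events, u32 ssid, u32 tsid,
-		     u16 tclass, u32 perms);
+int avc_add_callback(int (*callback)(u32 event), u32 events);
 
 /* Exported to selinuxfs */
 int avc_get_hash_stats(char *page);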
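Review bot: The narrowed prototype sits directly under event bits such as `AVC_CALLBACK_AUDITDENY_ENABLE` and `AVC_CALLBACK_AUDITDENY_DISABLE`, yet the only dispatch shown on this page delivers `AVC_CALLBACK_RESET`. If no other dispatcher exists outside these hunks, a caller registering for one of the other bits would be accepted and then never invoked. A comment above the declaration would make the contract explicit, for example `/* Only AVC_CALLBACK_RESET is currently delivered; see avc_ss_reset(). */`.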
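--- a/security/selinux/netif.c
+++ b/security/selinux/netif.c
@@ -252,8 +252,7 @@
 	spin_unlock_bh(&sel_netif_lock);
 }
 
-static int sel_netif_avc_callback(u32 event, u32 ssid, u32 tsid,
-				  u16 class, u32 perms, u32 *retained)
+static int sel_netif_avc_callback(u32 event)
 {
 	if (event == AVC_CALLBACK_RESET) {
 		sel_netif_flush();
@@ -292,8 +291,7 @@
 
 	register_netdevice_notifier(&sel_netif_netdev_notifier);
 
-	err = avc_add_callback(sel_netif_avc_callback, AVC_CALLBACK_RESET,
-		SECSID_NULL, SECSID_NULL, SECCLASS_NULL, 0);
+	err = avc_add_callback(sel_netif_avc_callback, AVC_CALLBACK_RESET);
 	if (err)
 		panic("avc_add_callback() failed, error %d\n", err);
 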
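Review bot: The `panic()` after `avc_add_callback()` carries no comment saying why failing hard is the intended behaviour, here and in the matching hunks of netnode.c and netport.c. The registered callback is the only code on this page that calls `sel_netif_flush()` on `AVC_CALLBACK_RESET`, so without it the interface SID cache would presumably keep entries that predate the reset. A one-line comment such as `/* without the reset callback, cached SIDs would go stale after an AVC reset */` would record that reasoning for the next reader. The enclosing init function starts and ends outside the hunk.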
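--- a/security/selinux/netnode.c
+++ b/security/selinux/netnode.c
@@ -297,8 +297,7 @@
 	spin_unlock_bh(&sel_netnode_lock);
 }
 
-static int sel_netnode_avc_callback(u32 event, u32 ssid, u32 tsid,
-				    u16 class, u32 perms, u32 *retained)
+static int sel_netnode_avc_callback(u32 event)
 {
 	if (event == AVC_CALLBACK_RESET) {
 		sel_netnode_flush();
@@ -320,8 +319,7 @@
 		sel_netnode_hash[iter].size = 0;
 	}
 
-	ret = avc_add_callback(sel_netnode_avc_callback, AVC_CALLBACK_RESET,
-			       SECSID_NULL, SECSID_NULL, SECCLASS_NULL, 0);
+	ret = avc_add_callback(sel_netnode_avc_callback, AVC_CALLBACK_RESET);
 	if (ret != 0)
 		panic("avc_add_callback() failed, error %d\n", ret);
 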
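--- a/security/selinux/netport.c
+++ b/security/selinux/netport.c
@@ -234,8 +234,7 @@
 	spin_unlock_bh(&sel_netport_lock);
 }
 
-static int sel_netport_avc_callback(u32 event, u32 ssid, u32 tsid,
-				    u16 class, u32 perms, u32 *retained)
+static int sel_netport_avc_callback(u32 event)
 {
 	if (event == AVC_CALLBACK_RESET) {
 		sel_netport_flush();
@@ -257,8 +256,7 @@
 		sel_netport_hash[iter].size = 0;
 	}
 
-	ret = avc_add_callback(sel_netport_avc_callback, AVC_CALLBACK_RESET,
-			       SECSID_NULL, SECSID_NULL, SECCLASS_NULL, 0);
+	ret = avc_add_callback(sel_netport_avc_callback, AVC_CALLBACK_RESET);
 	if (ret != 0)
 		panic("avc_add_callback() failed, error %d\n", ret);
 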
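--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -3044,8 +3044,7 @@
 
 static int (*aurule_callback)(void) = audit_update_lsm_rules;
 
-static int aurule_avc_callback(u32 event, u32 ssid, u32 tsid,
-			       u16 class, u32 perms, u32 *retained)
+static int aurule_avc_callback(u32 event)
 {
 	int err = 0;
 
@@ -3058,8 +3057,7 @@
 {
 	int err;
 
-	err = avc_add_callback(aurule_avc_callback, AVC_CALLBACK_RESET,
-			       SECSID_NULL, SECSID_NULL, SECCLASS_NULL, 0);
+	err = avc_add_callback(aurule_avc_callback, AVC_CALLBACK_RESET);
 	if (err)
 		panic("avc_add_callback() failed, error %d\n", err);
 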