tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

selinux: always call sk_security_struct sksec

trying to grep everything that messes with a sk_security_struct isn't easy
since we don't always call it sksec. Just rename everything sksec.

Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>

authored by

Eric Paris and committed by
James Morris dd3e7836 d25d6fa1

+36 -36
+25 -25
security/selinux/hooks.c
··· 293 293 294 294 static int sk_alloc_security(struct sock *sk, int family, gfp_t priority) 295 295 { 296 - struct sk_security_struct *ssec; 296 + struct sk_security_struct *sksec; 297 297 298 - ssec = kzalloc(sizeof(*ssec), priority); 299 - if (!ssec) 298 + sksec = kzalloc(sizeof(*sksec), priority); 299 + if (!sksec) 300 300 return -ENOMEM; 301 301 302 - ssec->peer_sid = SECINITSID_UNLABELED; 303 - ssec->sid = SECINITSID_UNLABELED; 304 - sk->sk_security = ssec; 302 + sksec->peer_sid = SECINITSID_UNLABELED; 303 + sksec->sid = SECINITSID_UNLABELED; 304 + sk->sk_security = sksec; 305 305 306 - selinux_netlbl_sk_security_reset(ssec); 306 + selinux_netlbl_sk_security_reset(sksec); 307 307 308 308 return 0; 309 309 } 310 310 311 311 static void sk_free_security(struct sock *sk) 312 312 { 313 - struct sk_security_struct *ssec = sk->sk_security; 313 + struct sk_security_struct *sksec = sk->sk_security; 314 314 315 315 sk->sk_security = NULL; 316 - selinux_netlbl_sk_security_free(ssec); 317 - kfree(ssec); 316 + selinux_netlbl_sk_security_free(sksec); 317 + kfree(sksec); 318 318 } 319 319 320 320 /* The security server must be initialized before ··· 4002 4002 struct socket *other, 4003 4003 struct sock *newsk) 4004 4004 { 4005 - struct sk_security_struct *ssec; 4005 + struct sk_security_struct *sksec; 4006 4006 struct inode_security_struct *isec; 4007 4007 struct inode_security_struct *other_isec; 4008 4008 struct common_audit_data ad; ··· 4021 4021 return err; 4022 4022 4023 4023 /* connecting socket */ 4024 - ssec = sock->sk->sk_security; 4025 - ssec->peer_sid = other_isec->sid; 4024 + sksec = sock->sk->sk_security; 4025 + sksec->peer_sid = other_isec->sid; 4026 4026 4027 4027 /* server child socket */ 4028 - ssec = newsk->sk_security; 4029 - ssec->peer_sid = isec->sid; 4030 - err = security_sid_mls_copy(other_isec->sid, ssec->peer_sid, &ssec->sid); 4028 + sksec = newsk->sk_security; 4029 + sksec->peer_sid = isec->sid; 4030 + err = security_sid_mls_copy(other_isec->sid, sksec->peer_sid, &sksec->sid); 4031 4031 4032 4032 return err; 4033 4033 } ··· 4190 4190 int err = 0; 4191 4191 char *scontext; 4192 4192 u32 scontext_len; 4193 - struct sk_security_struct *ssec; 4193 + struct sk_security_struct *sksec; 4194 4194 struct inode_security_struct *isec; 4195 4195 u32 peer_sid = SECSID_NULL; 4196 4196 ··· 4198 4198 4199 4199 if (isec->sclass == SECCLASS_UNIX_STREAM_SOCKET || 4200 4200 isec->sclass == SECCLASS_TCP_SOCKET) { 4201 - ssec = sock->sk->sk_security; 4202 - peer_sid = ssec->peer_sid; 4201 + sksec = sock->sk->sk_security; 4202 + peer_sid = sksec->peer_sid; 4203 4203 } 4204 4204 if (peer_sid == SECSID_NULL) { 4205 4205 err = -ENOPROTOOPT; ··· 4266 4266 4267 4267 static void selinux_sk_clone_security(const struct sock *sk, struct sock *newsk) 4268 4268 { 4269 - struct sk_security_struct *ssec = sk->sk_security; 4270 - struct sk_security_struct *newssec = newsk->sk_security; 4269 + struct sk_security_struct *sksec = sk->sk_security; 4270 + struct sk_security_struct *newsksec = newsk->sk_security; 4271 4271 4272 - newssec->sid = ssec->sid; 4273 - newssec->peer_sid = ssec->peer_sid; 4274 - newssec->sclass = ssec->sclass; 4272 + newsksec->sid = sksec->sid; 4273 + newsksec->peer_sid = sksec->peer_sid; 4274 + newsksec->sclass = sksec->sclass; 4275 4275 4276 - selinux_netlbl_sk_security_reset(newssec); 4276 + selinux_netlbl_sk_security_reset(newsksec); 4277 4277 } 4278 4278 4279 4279 static void selinux_sk_getsecid(struct sock *sk, u32 *secid)
+4 -4
security/selinux/include/netlabel.h
··· 42 42 43 43 void selinux_netlbl_err(struct sk_buff *skb, int error, int gateway); 44 44 45 - void selinux_netlbl_sk_security_free(struct sk_security_struct *ssec); 46 - void selinux_netlbl_sk_security_reset(struct sk_security_struct *ssec); 45 + void selinux_netlbl_sk_security_free(struct sk_security_struct *sksec); 46 + void selinux_netlbl_sk_security_reset(struct sk_security_struct *sksec); 47 47 48 48 int selinux_netlbl_skbuff_getsid(struct sk_buff *skb, 49 49 u16 family, ··· 79 79 } 80 80 81 81 static inline void selinux_netlbl_sk_security_free( 82 - struct sk_security_struct *ssec) 82 + struct sk_security_struct *sksec) 83 83 { 84 84 return; 85 85 } 86 86 87 87 static inline void selinux_netlbl_sk_security_reset( 88 - struct sk_security_struct *ssec) 88 + struct sk_security_struct *sksec) 89 89 { 90 90 return; 91 91 }
+7 -7
security/selinux/netlabel.c
··· 131 131 132 132 /** 133 133 * selinux_netlbl_sk_security_free - Free the NetLabel fields 134 - * @sssec: the sk_security_struct 134 + * @sksec: the sk_security_struct 135 135 * 136 136 * Description: 137 137 * Free all of the memory in the NetLabel fields of a sk_security_struct. 138 138 * 139 139 */ 140 - void selinux_netlbl_sk_security_free(struct sk_security_struct *ssec) 140 + void selinux_netlbl_sk_security_free(struct sk_security_struct *sksec) 141 141 { 142 - if (ssec->nlbl_secattr != NULL) 143 - netlbl_secattr_free(ssec->nlbl_secattr); 142 + if (sksec->nlbl_secattr != NULL) 143 + netlbl_secattr_free(sksec->nlbl_secattr); 144 144 } 145 145 146 146 /** 147 147 * selinux_netlbl_sk_security_reset - Reset the NetLabel fields 148 - * @ssec: the sk_security_struct 148 + * @sksec: the sk_security_struct 149 149 * @family: the socket family 150 150 * 151 151 * Description: ··· 153 153 * The caller is responsibile for all the NetLabel sk_security_struct locking. 154 154 * 155 155 */ 156 - void selinux_netlbl_sk_security_reset(struct sk_security_struct *ssec) 156 + void selinux_netlbl_sk_security_reset(struct sk_security_struct *sksec) 157 157 { 158 - ssec->nlbl_state = NLBL_UNSET; 158 + sksec->nlbl_state = NLBL_UNSET; 159 159 } 160 160 161 161 /**