git://git.onelab.eu
/
linux-2.6.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Merge to kernel-2.6.20-1.2949.fc6.vs2.2.0.1
[linux-2.6.git]
/
security
/
selinux
/
avc.c
diff --git
a/security/selinux/avc.c
b/security/selinux/avc.c
index
ac5d69b
..
e7c0b5e
100644
(file)
--- a/
security/selinux/avc.c
+++ b/
security/selinux/avc.c
@@
-32,12
+32,7
@@
#include "avc.h"
#include "avc_ss.h"
#include "avc.h"
#include "avc_ss.h"
-static const struct av_perm_to_string
-{
- u16 tclass;
- u32 value;
- const char *name;
-} av_perm_to_string[] = {
+static const struct av_perm_to_string av_perm_to_string[] = {
#define S_(c, v, s) { c, v, s },
#include "av_perm_to_string.h"
#undef S_
#define S_(c, v, s) { c, v, s },
#include "av_perm_to_string.h"
#undef S_
@@
-57,17
+52,21
@@
static const char *class_to_string[] = {
#undef TE_
#undef S_
#undef TE_
#undef S_
-static const struct av_inherit
-{
- u16 tclass;
- const char **common_pts;
- u32 common_base;
-} av_inherit[] = {
+static const struct av_inherit av_inherit[] = {
#define S_(c, i, b) { c, common_##i##_perm_to_string, b },
#include "av_inherit.h"
#undef S_
};
#define S_(c, i, b) { c, common_##i##_perm_to_string, b },
#include "av_inherit.h"
#undef S_
};
+const struct selinux_class_perm selinux_class_perm = {
+ av_perm_to_string,
+ ARRAY_SIZE(av_perm_to_string),
+ class_to_string,
+ ARRAY_SIZE(class_to_string),
+ av_inherit,
+ ARRAY_SIZE(av_inherit)
+};
+
#define AVC_CACHE_SLOTS 512
#define AVC_DEF_CACHE_THRESHOLD 512
#define AVC_CACHE_RECLAIM 16
#define AVC_CACHE_SLOTS 512
#define AVC_DEF_CACHE_THRESHOLD 512
#define AVC_CACHE_RECLAIM 16
@@
-125,7
+124,7
@@
DEFINE_PER_CPU(struct avc_cache_stats, avc_cache_stats) = { 0 };
static struct avc_cache avc_cache;
static struct avc_callback_node *avc_callbacks;
static struct avc_cache avc_cache;
static struct avc_callback_node *avc_callbacks;
-static
kmem_cache_t
*avc_node_cachep;
+static
struct kmem_cache
*avc_node_cachep;
static inline int avc_hash(u32 ssid, u32 tsid, u16 tclass)
{
static inline int avc_hash(u32 ssid, u32 tsid, u16 tclass)
{
@@
-333,7
+332,7
@@
static struct avc_node *avc_alloc_node(void)
{
struct avc_node *node;
{
struct avc_node *node;
- node = kmem_cache_alloc(avc_node_cachep,
SLAB
_ATOMIC);
+ node = kmem_cache_alloc(avc_node_cachep,
GFP
_ATOMIC);
if (!node)
goto out;
if (!node)
goto out;
@@
-497,7
+496,7
@@
static inline void avc_print_ipv6_addr(struct audit_buffer *ab,
audit_log_format(ab, " %s=%d", name2, ntohs(port));
}
audit_log_format(ab, " %s=%d", name2, ntohs(port));
}
-static inline void avc_print_ipv4_addr(struct audit_buffer *ab,
u
32 addr,
+static inline void avc_print_ipv4_addr(struct audit_buffer *ab,
__be
32 addr,
__be16 port, char *name1, char *name2)
{
if (addr)
__be16 port, char *name1, char *name2)
{
if (addr)
@@
-800,7
+799,7
@@
out:
int avc_ss_reset(u32 seqno)
{
struct avc_callback_node *c;
int avc_ss_reset(u32 seqno)
{
struct avc_callback_node *c;
- int i, rc = 0;
+ int i, rc = 0
, tmprc
;
unsigned long flag;
struct avc_node *node;
unsigned long flag;
struct avc_node *node;
@@
-813,15
+812,16
@@
int avc_ss_reset(u32 seqno)
for (c = avc_callbacks; c; c = c->next) {
if (c->events & AVC_CALLBACK_RESET) {
for (c = avc_callbacks; c; c = c->next) {
if (c->events & AVC_CALLBACK_RESET) {
- rc = c->callback(AVC_CALLBACK_RESET,
- 0, 0, 0, 0, NULL);
- if (rc)
- goto out;
+ tmprc = c->callback(AVC_CALLBACK_RESET,
+ 0, 0, 0, 0, NULL);
+ /* save the first error encountered for the return
+ value and continue processing the callbacks */
+ if (!rc)
+ rc = tmprc;
}
}
avc_latest_notif_update(seqno, 0);
}
}
avc_latest_notif_update(seqno, 0);
-out:
return rc;
}
return rc;
}