X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=security%2Fselinux%2Favc.c;h=7afe09eed6ac8d9b948022bd75be3b05ad433608;hb=9bf4aaab3e101692164d49b7ca357651eb691cb6;hp=ee5a4fb1761ea8391f2c5c35b86b5138a1b0ecc2;hpb=db216c3d5e4c040e557a50f8f5d35d5c415e8c1c;p=linux-2.6.git diff --git a/security/selinux/avc.c b/security/selinux/avc.c index ee5a4fb17..7afe09eed 100644 --- a/security/selinux/avc.c +++ b/security/selinux/avc.c @@ -71,16 +71,34 @@ struct avc_callback_node { }; static spinlock_t avc_lock = SPIN_LOCK_UNLOCKED; -static struct avc_node *avc_node_freelist = NULL; +static struct avc_node *avc_node_freelist; static struct avc_cache avc_cache; static unsigned avc_cache_stats[AVC_NSTATS]; -static struct avc_callback_node *avc_callbacks = NULL; +static struct avc_callback_node *avc_callbacks; static inline int avc_hash(u32 ssid, u32 tsid, u16 tclass) { return (ssid ^ (tsid<<2) ^ (tclass<<4)) & (AVC_CACHE_SLOTS - 1); } +#ifdef AVC_CACHE_STATS +static inline void avc_cache_stats_incr(int type) +{ + avc_cache_stats[type]++; +} + +static inline void avc_cache_stats_add(int type, unsigned val) +{ + avc_cache_stats[type] += val; +} +#else +static inline void avc_cache_stats_incr(int type) +{ } + +static inline void avc_cache_stats_add(int type, unsigned val) +{ } +#endif + /** * avc_dump_av - Display an access vector in human-readable form. * @tclass: target security class @@ -88,7 +106,7 @@ static inline int avc_hash(u32 ssid, u32 tsid, u16 tclass) */ void avc_dump_av(struct audit_buffer *ab, u16 tclass, u32 av) { - char **common_pts = 0; + char **common_pts = NULL; u32 common_base = 0; int i, i2, perm; @@ -173,15 +191,6 @@ void __init avc_init(void) struct avc_node *new; int i; - for (i = 0; i < AVC_NSTATS; i++) - avc_cache_stats[i] = 0; - - for (i = 0; i < AVC_CACHE_SLOTS; i++) - avc_cache.slots[i] = 0; - avc_cache.lru_hint = 0; - avc_cache.active_nodes = 0; - avc_cache.latest_notif = 0; - for (i = 0; i < AVC_CACHE_MAXNODES; i++) { new = kmalloc(sizeof(*new), GFP_ATOMIC); if (!new) { @@ -725,7 +734,7 @@ static int avc_update_cache(u32 event, u32 ssid, u32 tsid, } } else { /* apply to one node */ - node = avc_search_node(ssid, tsid, tclass, 0); + node = avc_search_node(ssid, tsid, tclass, NULL); if (node) { avc_update_node(event,node,perms); } @@ -799,7 +808,7 @@ int avc_ss_grant(u32 ssid, u32 tsid, u16 tclass, u32 perms, u32 seqno) { return avc_control(AVC_CALLBACK_GRANT, - ssid, tsid, tclass, perms, seqno, 0); + ssid, tsid, tclass, perms, seqno, NULL); } /** @@ -837,7 +846,7 @@ int avc_ss_revoke(u32 ssid, u32 tsid, u16 tclass, u32 perms, u32 seqno) { return avc_control(AVC_CALLBACK_REVOKE, - ssid, tsid, tclass, perms, seqno, 0); + ssid, tsid, tclass, perms, seqno, NULL); } /** @@ -869,7 +878,7 @@ int avc_ss_reset(u32 seqno) avc_node_freelist = tmp; avc_cache.active_nodes--; } - avc_cache.slots[i] = 0; + avc_cache.slots[i] = NULL; } avc_cache.lru_hint = 0; @@ -881,7 +890,7 @@ int avc_ss_reset(u32 seqno) for (c = avc_callbacks; c; c = c->next) { if (c->events & AVC_CALLBACK_RESET) { rc = c->callback(AVC_CALLBACK_RESET, - 0, 0, 0, 0, 0); + 0, 0, 0, 0, NULL); if (rc) goto out; } @@ -909,10 +918,10 @@ int avc_ss_set_auditallow(u32 ssid, u32 tsid, u16 tclass, { if (enable) return avc_control(AVC_CALLBACK_AUDITALLOW_ENABLE, - ssid, tsid, tclass, perms, seqno, 0); + ssid, tsid, tclass, perms, seqno, NULL); else return avc_control(AVC_CALLBACK_AUDITALLOW_DISABLE, - ssid, tsid, tclass, perms, seqno, 0); + ssid, tsid, tclass, perms, seqno, NULL); } /** @@ -929,10 +938,10 @@ int avc_ss_set_auditdeny(u32 ssid, u32 tsid, u16 tclass, { if (enable) return avc_control(AVC_CALLBACK_AUDITDENY_ENABLE, - ssid, tsid, tclass, perms, seqno, 0); + ssid, tsid, tclass, perms, seqno, NULL); else return avc_control(AVC_CALLBACK_AUDITDENY_DISABLE, - ssid, tsid, tclass, perms, seqno, 0); + ssid, tsid, tclass, perms, seqno, NULL); } /** @@ -984,7 +993,7 @@ int avc_has_perm_noaudit(u32 ssid, u32 tsid, ae->used = 1; } else { avc_cache_stats_incr(AVC_ENTRY_DISCARDS); - ae = 0; + ae = NULL; } }