Gitiles
Code Review Sign In
review.evervolv.com / android_kernel_oneplus_sm8150 / f74af6e816c940c678c235d49486fe40d7e49ce9^! / . / security / selinux / hooks.c
commitf74af6e816c940c678c235d49486fe40d7e49ce9[log] [tgz]
authorPaul Moore <paul.moore@hp.com>Mon Feb 25 11:40:33 2008 -0500
committerJames Morris <jmorris@namei.org>Fri Apr 18 20:26:03 2008 +1000
tree06f2fa54bd7ceabac2ad29a6ab0aca1deb87c032
parent4b119e21d0c66c22e8ca03df05d9de623d0eb50f [diff] [blame]
SELinux: Correct the NetLabel locking for the sk_security_struct

The RCU/spinlock locking approach for the nlbl_state in the sk_security_struct
was almost certainly overkill.  This patch removes both the RCU and spinlock
locking, relying on the existing socket locks to handle the case of multiple
writers.  This change also makes several code reductions possible.

Less locking, less code - it's a Good Thing.

Signed-off-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index d39b59c..d51bd40 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c

@@ -280,7 +280,7 @@
 	ssec->sid = SECINITSID_UNLABELED;
 	sk->sk_security = ssec;
 
-	selinux_netlbl_sk_security_init(ssec, family);
+	selinux_netlbl_sk_security_reset(ssec, family);
 
 	return 0;
 }
@@ -4139,7 +4139,7 @@
 	newssec->peer_sid = ssec->peer_sid;
 	newssec->sclass = ssec->sclass;
 
-	selinux_netlbl_sk_security_clone(ssec, newssec);
+	selinux_netlbl_sk_security_reset(newssec, newsk->sk_family);
 }
 
 static void selinux_sk_getsecid(struct sock *sk, u32 *secid)