diff options
| author |   Paul Moore <paul.moore@hp.com> | 2006-11-17 17:38:53 -0500 |
|---|---|---|
| committer |   David S. Miller <davem@sunset.davemloft.net> | 2006-12-02 21:24:13 -0800 |
| commit | 9f2ad66509b182b399a5b03de487f45bde623524 (patch) | |
| tree | 8376dc2db99a78c1b043644f019c4dc224187f16 /security/selinux/include/objsec.h | |
| parent | NetLabel: use cipso_v4_doi_search() for local CIPSOv4 functions (diff) | |
| download | linux-dev-9f2ad66509b182b399a5b03de487f45bde623524.tar.xz linux-dev-9f2ad66509b182b399a5b03de487f45bde623524.zip | |
NetLabel: SELinux cleanups
This patch does a lot of cleanup in the SELinux NetLabel support code. A
summary of the changes include:
* Use RCU locking for the NetLabel state variable in the skk_security_struct
instead of using the inode_security_struct mutex.
* Remove unnecessary parameters in selinux_netlbl_socket_post_create().
* Rename selinux_netlbl_sk_clone_security() to
selinux_netlbl_sk_security_clone() to better fit the other NetLabel
sk_security functions.
* Improvements to selinux_netlbl_inode_permission() to help reduce the cost of
the common case.
Signed-off-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/selinux/include/objsec.h')
| -rw-r--r-- | security/selinux/include/objsec.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/security/selinux/include/objsec.h b/security/selinux/include/objsec.h index ef2267fea8bd..91b88f0ba20c 100644 --- a/security/selinux/include/objsec.h +++ b/security/selinux/include/objsec.h @@ -23,6 +23,7 @@ #include <linux/fs.h> #include <linux/binfmts.h> #include <linux/in.h> +#include <linux/spinlock.h> #include "flask.h" #include "avc.h" @@ -108,6 +109,7 @@ struct sk_security_struct { NLBL_REQUIRE, NLBL_LABELED, } nlbl_state; + spinlock_t nlbl_lock; /* protects nlbl_state */ #endif }; |