"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "net/netlabel/netlabel_kapi.c" between
linux-3.16.62.tar.xz and linux-3.16.63.tar.xz

About: The full source of the Linux kernel 3.16.x (longterm stable)

netlabel_kapi.c  (linux-3.16.62.tar.xz):netlabel_kapi.c  (linux-3.16.63.tar.xz)
skipping to change at line 950 skipping to change at line 950
* Examines the given packet to see if a recognized form of packet labeling * Examines the given packet to see if a recognized form of packet labeling
* is present, if so it parses the packet label and returns the security * is present, if so it parses the packet label and returns the security
* attributes in @secattr. Returns zero on success, negative values on * attributes in @secattr. Returns zero on success, negative values on
* failure. * failure.
* *
*/ */
int netlbl_skbuff_getattr(const struct sk_buff *skb, int netlbl_skbuff_getattr(const struct sk_buff *skb,
u16 family, u16 family,
struct netlbl_lsm_secattr *secattr) struct netlbl_lsm_secattr *secattr)
{ {
unsigned char *ptr;
switch (family) { switch (family) {
case AF_INET: case AF_INET:
if (CIPSO_V4_OPTEXIST(skb) && ptr = cipso_v4_optptr(skb);
cipso_v4_skbuff_getattr(skb, secattr) == 0) if (ptr && cipso_v4_getattr(ptr, secattr) == 0)
return 0; return 0;
break; break;
#if IS_ENABLED(CONFIG_IPV6) #if IS_ENABLED(CONFIG_IPV6)
case AF_INET6: case AF_INET6:
break; break;
#endif /* IPv6 */ #endif /* IPv6 */
} }
return netlbl_unlabel_getattr(skb, family, secattr); return netlbl_unlabel_getattr(skb, family, secattr);
} }
skipping to change at line 979 skipping to change at line 981
* @gateway: true if host is acting as a gateway, false otherwise * @gateway: true if host is acting as a gateway, false otherwise
* *
* Description: * Description:
* Deal with a LSM problem when handling the packet in @skb, typically this is * Deal with a LSM problem when handling the packet in @skb, typically this is
* a permission denied problem (-EACCES). The correct action is determined * a permission denied problem (-EACCES). The correct action is determined
* according to the packet's labeling protocol. * according to the packet's labeling protocol.
* *
*/ */
void netlbl_skbuff_err(struct sk_buff *skb, int error, int gateway) void netlbl_skbuff_err(struct sk_buff *skb, int error, int gateway)
{ {
if (CIPSO_V4_OPTEXIST(skb)) if (cipso_v4_optptr(skb))
cipso_v4_error(skb, error, gateway); cipso_v4_error(skb, error, gateway);
} }
/** /**
* netlbl_cache_invalidate - Invalidate all of the NetLabel protocol caches * netlbl_cache_invalidate - Invalidate all of the NetLabel protocol caches
* *
* Description: * Description:
* For all of the NetLabel protocols that support some form of label mapping * For all of the NetLabel protocols that support some form of label mapping
* cache, invalidate the cache. Returns zero on success, negative values on * cache, invalidate the cache. Returns zero on success, negative values on
* error. * error.
skipping to change at line 1011 skipping to change at line 1013
* *
* Description: * Description:
* Add the LSM security attributes for the given packet to the underlying * Add the LSM security attributes for the given packet to the underlying
* NetLabel protocol's label mapping cache. Returns zero on success, negative * NetLabel protocol's label mapping cache. Returns zero on success, negative
* values on error. * values on error.
* *
*/ */
int netlbl_cache_add(const struct sk_buff *skb, int netlbl_cache_add(const struct sk_buff *skb,
const struct netlbl_lsm_secattr *secattr) const struct netlbl_lsm_secattr *secattr)
{ {
unsigned char *ptr;
if ((secattr->flags & NETLBL_SECATTR_CACHE) == 0) if ((secattr->flags & NETLBL_SECATTR_CACHE) == 0)
return -ENOMSG; return -ENOMSG;
if (CIPSO_V4_OPTEXIST(skb)) ptr = cipso_v4_optptr(skb);
return cipso_v4_cache_add(skb, secattr); if (ptr)
return cipso_v4_cache_add(ptr, secattr);
return -ENOMSG; return -ENOMSG;
} }
/* /*
* Protocol Engine Functions * Protocol Engine Functions
*/ */
/** /**
* netlbl_audit_start - Start an audit message * netlbl_audit_start - Start an audit message
 End of changes. 5 change blocks. 
5 lines changed or deleted 10 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)