selinux: Shuffle the sk_security_struct alloc and free routines (84914b7e) · Commits · e / devices / android_kernel_fairphone_FP3

security/selinux/hooks.c

+17 −28

Original line number	Diff line number	Diff line
		@@ -279,32 +279,6 @@ static void superblock_free_security(struct super_block *sb)
		kfree(sbsec);
		}

		static int sk_alloc_security(struct sock *sk, int family, gfp_t priority)
		{
		struct sk_security_struct *sksec;

		sksec = kzalloc(sizeof(*sksec), priority);
		if (!sksec)
		return -ENOMEM;

		sksec->peer_sid = SECINITSID_UNLABELED;
		sksec->sid = SECINITSID_UNLABELED;
		sk->sk_security = sksec;

		selinux_netlbl_sk_security_reset(sksec);

		return 0;
		}

		static void sk_free_security(struct sock *sk)
		{
		struct sk_security_struct *sksec = sk->sk_security;

		sk->sk_security = NULL;
		selinux_netlbl_sk_security_free(sksec);
		kfree(sksec);
		}

		/* The security server must be initialized before
		any labeling or access decisions can be provided. */
		extern int ss_initialized;
		@@ -4224,12 +4198,27 @@ static int selinux_socket_getpeersec_dgram(struct socket sock, struct sk_buff

		static int selinux_sk_alloc_security(struct sock *sk, int family, gfp_t priority)
		{
		return sk_alloc_security(sk, family, priority);
		struct sk_security_struct *sksec;

		sksec = kzalloc(sizeof(*sksec), priority);
		if (!sksec)
		return -ENOMEM;

		sksec->peer_sid = SECINITSID_UNLABELED;
		sksec->sid = SECINITSID_UNLABELED;
		selinux_netlbl_sk_security_reset(sksec);
		sk->sk_security = sksec;

		return 0;
		}

		static void selinux_sk_free_security(struct sock *sk)
		{
		sk_free_security(sk);
		struct sk_security_struct *sksec = sk->sk_security;

		sk->sk_security = NULL;
		selinux_netlbl_sk_security_free(sksec);
		kfree(sksec);
		}

		static void selinux_sk_clone_security(const struct sock sk, struct sock newsk)