netlabel: Pass a family parameter to netlbl_skbuff_err(). (a04e71f6) · Commits · e / devices / android_kernel_fairphone_FP4

include/net/netlabel.h

+1 −1

Original line number	Diff line number	Diff line
		@@ -488,7 +488,7 @@ int netlbl_skbuff_setattr(struct sk_buff *skb,
		int netlbl_skbuff_getattr(const struct sk_buff *skb,
		u16 family,
		struct netlbl_lsm_secattr *secattr);
		void netlbl_skbuff_err(struct sk_buff *skb, int error, int gateway);
		void netlbl_skbuff_err(struct sk_buff *skb, u16 family, int error, int gateway);

		/*
		* LSM label mapping cache operations

+8 −3

Original line number	Diff line number	Diff line
		@@ -1249,6 +1249,7 @@ int netlbl_skbuff_getattr(const struct sk_buff *skb,
		/**
		* netlbl_skbuff_err - Handle a LSM error on a sk_buff
		* @skb: the packet
		* @family: the family
		* @error: the error code
		* @gateway: true if host is acting as a gateway, false otherwise
		*
		@@ -1258,10 +1259,14 @@ int netlbl_skbuff_getattr(const struct sk_buff *skb,
		* according to the packet's labeling protocol.
		*
		*/
		void netlbl_skbuff_err(struct sk_buff *skb, int error, int gateway)
		void netlbl_skbuff_err(struct sk_buff *skb, u16 family, int error, int gateway)
		{
		switch (family) {
		case AF_INET:
		if (cipso_v4_optptr(skb))
		cipso_v4_error(skb, error, gateway);
		break;
		}
		}

		/**

+3 −3

Original line number	Diff line number	Diff line
		@@ -4603,13 +4603,13 @@ static int selinux_socket_sock_rcv_skb(struct sock sk, struct sk_buff skb)
		err = selinux_inet_sys_rcv_skb(sock_net(sk), skb->skb_iif,
		addrp, family, peer_sid, &ad);
		if (err) {
		selinux_netlbl_err(skb, err, 0);
		selinux_netlbl_err(skb, family, err, 0);
		return err;
		}
		err = avc_has_perm(sk_sid, peer_sid, SECCLASS_PEER,
		PEER__RECV, &ad);
		if (err) {
		selinux_netlbl_err(skb, err, 0);
		selinux_netlbl_err(skb, family, err, 0);
		return err;
		}
		}
		@@ -4977,7 +4977,7 @@ static unsigned int selinux_ip_forward(struct sk_buff *skb,
		err = selinux_inet_sys_rcv_skb(dev_net(indev), indev->ifindex,
		addrp, family, peer_sid, &ad);
		if (err) {
		selinux_netlbl_err(skb, err, 1);
		selinux_netlbl_err(skb, family, err, 1);
		return NF_DROP;
		}
		}

+3 −1

Original line number	Diff line number	Diff line
		@@ -40,7 +40,8 @@
		#ifdef CONFIG_NETLABEL
		void selinux_netlbl_cache_invalidate(void);

		void selinux_netlbl_err(struct sk_buff *skb, int error, int gateway);
		void selinux_netlbl_err(struct sk_buff *skb, u16 family, int error,
		int gateway);

		void selinux_netlbl_sk_security_free(struct sk_security_struct *sksec);
		void selinux_netlbl_sk_security_reset(struct sk_security_struct *sksec);
		@@ -72,6 +73,7 @@ static inline void selinux_netlbl_cache_invalidate(void)
		}

		static inline void selinux_netlbl_err(struct sk_buff *skb,
		u16 family,
		int error,
		int gateway)
		{

+3 −3

Original line number	Diff line number	Diff line
		@@ -151,9 +151,9 @@ void selinux_netlbl_cache_invalidate(void)
		* present on the packet, NetLabel is smart enough to only act when it should.
		*
		*/
		void selinux_netlbl_err(struct sk_buff *skb, int error, int gateway)
		void selinux_netlbl_err(struct sk_buff *skb, u16 family, int error, int gateway)
		{
		netlbl_skbuff_err(skb, error, gateway);
		netlbl_skbuff_err(skb, family, error, gateway);
		}

		/**
		@@ -405,7 +405,7 @@ int selinux_netlbl_sock_rcv_skb(struct sk_security_struct *sksec,
		return 0;

		if (nlbl_sid != SECINITSID_UNLABELED)
		netlbl_skbuff_err(skb, rc, 0);
		netlbl_skbuff_err(skb, family, rc, 0);
		return rc;
		}