When they were originally added, the clone_sk / clone_tcp_sk static inline functions contained an #if 1 as a placeholder (http://marc.theaimsgroup.com/?l=linux-security-module&m=102700075714674&w=2). The attached patches change this to use the CONFIG_SECURITY option. Any objections? -- Stephen Smalley, NSA sdsat_private Index: lsm-2.4/include/net/sock.h =================================================================== RCS file: /home/pal/CVS/lsm-2.4/include/net/sock.h,v retrieving revision 1.11 diff -u -r1.11 sock.h --- lsm-2.4/include/net/sock.h 3 Jan 2003 13:30:30 -0000 1.11 +++ lsm-2.4/include/net/sock.h 23 Jan 2003 20:27:50 -0000 @@ -685,7 +685,7 @@ }; static inline void clone_sk(struct sock *newsk, struct sock *sk) { -#if 1 +#ifdef CONFIG_SECURITY /* Save/restore the LSM security pointer around the copy */ void *sptr = newsk->security; memcpy(newsk, sk, sizeof(*newsk)); Index: lsm-2.5/include/linux/tcp.h =================================================================== RCS file: /home/pal/CVS/lsm-2.5/include/linux/tcp.h,v retrieving revision 1.5 diff -u -r1.5 tcp.h --- lsm-2.5/include/linux/tcp.h 22 Oct 2002 12:58:54 -0000 1.5 +++ lsm-2.5/include/linux/tcp.h 23 Jan 2003 20:31:57 -0000 @@ -383,7 +383,7 @@ #define tcp_sk(__sk) (&((struct tcp_sock *)__sk)->tcp) static inline void clone_tcp_sk(struct sock *newsk, struct sock *sk) { -#if 1 +#ifdef CONFIG_SECURITY /* Save/restore the LSM security pointer around the copy */ void *sptr = newsk->security; memcpy(newsk, sk, sizeof(struct tcp_sock)); _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Thu Jan 23 2003 - 12:57:25 PST