Oh well - the patch I posted didn't compile.
Missing includes for the structs. And including them
in security.h is a problem. So the code has to go
in-line in the relevant files.
Here's another patch. This time I compiled it before
posting.
Mike
diff -r -u /home/mjw/lsm/lsm-2.4.20-lsm1/include/net/tcp.h lsm-2.4.20-lsm1/include/net/tcp.h
--- /home/mjw/lsm/lsm-2.4.20-lsm1/include/net/tcp.h Wed Apr 9 09:46:55 2003
+++ lsm-2.4.20-lsm1/include/net/tcp.h Wed Apr 9 10:56:26 2003
@@ -534,12 +534,15 @@
struct open_request *req =
kmem_cache_alloc(tcp_openreq_cachep, SLAB_ATOMIC);
+#ifdef CONFIG_SECURITY_NETWORK
if (req != NULL) {
+ req->security = NULL;
if (security_open_request_alloc(req)) {
kmem_cache_free(tcp_openreq_cachep, req);
return NULL;
}
}
+#endif
return req;
}
diff -r -u /home/mjw/lsm/lsm-2.4.20-lsm1/net/core/sock.c lsm-2.4.20-lsm1/net/core/sock.c
--- /home/mjw/lsm/lsm-2.4.20-lsm1/net/core/sock.c Wed Apr 9 09:46:59 2003
+++ lsm-2.4.20-lsm1/net/core/sock.c Wed Apr 9 10:52:45 2003
@@ -591,12 +591,14 @@
sk->family = family;
sock_lock_init(sk);
}
+#ifdef CONFIG_SECURITY_NETWORK
+ sk->security = NULL;
if (security_sock_alloc(sk, priority)) {
kmem_cache_free(sk_cachep, sk);
return NULL;
}
}
-
+#endif
return sk;
}
diff -r -u /home/mjw/lsm/lsm-2.4.20-lsm1/security/dummy.c lsm-2.4.20-lsm1/security/dummy.c
--- /home/mjw/lsm/lsm-2.4.20-lsm1/security/dummy.c Wed Apr 9 09:46:57 2003
+++ lsm-2.4.20-lsm1/security/dummy.c Wed Apr 9 09:50:28 2003
@@ -813,7 +813,6 @@
static int dummy_socket_sock_alloc_security(struct sock *sk, int gfp_mask)
{
- sk->security = NULL;
return 0;
}
@@ -829,7 +828,6 @@
static int dummy_open_request_alloc_security(struct open_request * req)
{
- req->security = NULL;
return 0;
}
_______________________________________________
linux-security-module mailing list
linux-security-module@mail.wirex.com
http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Wed Apr 09 2003 - 04:17:52 PDT