[SELINUX]: Fix 2.6.20-rc6 build when no xfrm

This patch is an incremental fix to the flow_cache_genid
patch for selinux that breaks the build of 2.6.20-rc6 when
xfrm is not configured.

Signed-off-by: Venkat Yekkirala <vyekkirala@TrustedCS.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Venkat Yekkirala 2007-01-26 19:03:48 -08:00 committed by David S. Miller
parent c229ec5dae
commit 342a0cff0a
2 changed files with 12 additions and 3 deletions

View file

@ -37,6 +37,11 @@ int selinux_xfrm_sock_rcv_skb(u32 sid, struct sk_buff *skb,
int selinux_xfrm_postroute_last(u32 isec_sid, struct sk_buff *skb,
struct avc_audit_data *ad, u8 proto);
int selinux_xfrm_decode_session(struct sk_buff *skb, u32 *sid, int ckall);
static inline void selinux_xfrm_notify_policyload(void)
{
atomic_inc(&flow_cache_genid);
}
#else
static inline int selinux_xfrm_sock_rcv_skb(u32 isec_sid, struct sk_buff *skb,
struct avc_audit_data *ad)
@ -55,6 +60,10 @@ static inline int selinux_xfrm_decode_session(struct sk_buff *skb, u32 *sid, int
*sid = SECSID_NULL;
return 0;
}
static inline void selinux_xfrm_notify_policyload(void)
{
}
#endif
static inline void selinux_skb_xfrm_sid(struct sk_buff *skb, u32 *sid)

View file

@ -1299,7 +1299,7 @@ int security_load_policy(void *data, size_t len)
avc_ss_reset(seqno);
selnl_notify_policyload(seqno);
selinux_netlbl_cache_invalidate();
atomic_inc(&flow_cache_genid);
selinux_xfrm_notify_policyload();
return 0;
}
@ -1355,7 +1355,7 @@ int security_load_policy(void *data, size_t len)
avc_ss_reset(seqno);
selnl_notify_policyload(seqno);
selinux_netlbl_cache_invalidate();
atomic_inc(&flow_cache_genid);
selinux_xfrm_notify_policyload();
return 0;
@ -1855,7 +1855,7 @@ out:
if (!rc) {
avc_ss_reset(seqno);
selnl_notify_policyload(seqno);
atomic_inc(&flow_cache_genid);
selinux_xfrm_notify_policyload();
}
return rc;
}