selinux: Fix missing calls to netlbl_skbuff_err() At some point I think I messed up and dropped the calls to netlbl_skbuff_err() which are necessary for CIPSO to send error notifications to remote systems. This patch re-introduces the error handling calls into the SELinux code. Signed-off-by: Paul Moore <paul.moore@hp.com> Acked-by: James Morris <jmorris@namei.org>

commit: dfaebe9825ff34983778f287101bc5f3bce00640 [log] [tgz]
author: Paul Moore <paul.moore@hp.com> Fri Oct 10 10:16:31 2008 -0400
committer: Paul Moore <paul.moore@hp.com> Fri Oct 10 10:16:31 2008 -0400
tree: 4dccdcdcecd57fc8bfc083ff30d9e0ecb2e7ecba
parent: 99d854d231ce141850b988bdc7e2e7c78f49b03a [diff] [blame]
diff --git a/net/netlabel/netlabel_kapi.c b/net/netlabel/netlabel_kapi.c
index 6c211fe9..22faba6 100644
--- a/net/netlabel/netlabel_kapi.c
+++ b/net/netlabel/netlabel_kapi.c

@@ -490,6 +490,7 @@
  * netlbl_skbuff_err - Handle a LSM error on a sk_buff
  * @skb: the packet
  * @error: the error code
+ * @gateway: true if host is acting as a gateway, false otherwise
  *
  * Description:
  * Deal with a LSM problem when handling the packet in @skb, typically this is
@@ -497,10 +498,10 @@
  * according to the packet's labeling protocol.
  *
  */
-void netlbl_skbuff_err(struct sk_buff *skb, int error)
+void netlbl_skbuff_err(struct sk_buff *skb, int error, int gateway)
 {
 	if (CIPSO_V4_OPTEXIST(skb))
-		cipso_v4_error(skb, error, 0);
+		cipso_v4_error(skb, error, gateway);
 }
 
 /**
commit	dfaebe9825ff34983778f287101bc5f3bce00640	[log] [tgz]
author	Paul Moore <paul.moore@hp.com>	Fri Oct 10 10:16:31 2008 -0400
committer	Paul Moore <paul.moore@hp.com>	Fri Oct 10 10:16:31 2008 -0400
tree	4dccdcdcecd57fc8bfc083ff30d9e0ecb2e7ecba
parent	99d854d231ce141850b988bdc7e2e7c78f49b03a [diff] [blame]