selinux: don't revalidate inodes in selinux_socket_getpeersec_dgram() We don't have to worry about socket inodes being invalidated so use inode_security_novalidate() to fetch the inode's security blob. Signed-off-by: Paul Moore <paul@paul-moore.com>

commit: 899134f2f6e27dcae1fee12593c492577cc80987 [log] [tgz]
author: Paul Moore <paul@paul-moore.com> Mon Mar 28 15:19:10 2016 -0400
committer: Paul Moore <paul@paul-moore.com> Tue Apr 05 16:10:52 2016 -0400
tree: e9581c725a218d2aec26b2a5f5a7c3850c2e94f0
parent: 341e0cb593a2b7ec86dd6ca96c68eadc3f6fe1e6 [diff] [blame]
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 912deee..65642be 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c

@@ -4598,6 +4598,7 @@
 {
 	u32 peer_secid = SECSID_NULL;
 	u16 family;
+	struct inode_security_struct *isec;
 
 	if (skb && skb->protocol == htons(ETH_P_IP))
 		family = PF_INET;
@@ -4608,9 +4609,10 @@
 	else
 		goto out;
 
-	if (sock && family == PF_UNIX)
-		selinux_inode_getsecid(SOCK_INODE(sock), &peer_secid);
-	else if (skb)
+	if (sock && family == PF_UNIX) {
+		isec = inode_security_novalidate(SOCK_INODE(sock));
+		peer_secid = isec->sid;
+	} else if (skb)
 		selinux_skb_peerlbl_sid(skb, family, &peer_secid);
 
 out:
commit	899134f2f6e27dcae1fee12593c492577cc80987	[log] [tgz]
author	Paul Moore <paul@paul-moore.com>	Mon Mar 28 15:19:10 2016 -0400
committer	Paul Moore <paul@paul-moore.com>	Tue Apr 05 16:10:52 2016 -0400
tree	e9581c725a218d2aec26b2a5f5a7c3850c2e94f0
parent	341e0cb593a2b7ec86dd6ca96c68eadc3f6fe1e6 [diff] [blame]