selinux: always call sk_security_struct sksec
trying to grep everything that messes with a sk_security_struct isn't easy
since we don't always call it sksec. Just rename everything sksec.
Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 63c2d36d..ebee467 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -293,28 +293,28 @@
static int sk_alloc_security(struct sock *sk, int family, gfp_t priority)
{
- struct sk_security_struct *ssec;
+ struct sk_security_struct *sksec;
- ssec = kzalloc(sizeof(*ssec), priority);
- if (!ssec)
+ sksec = kzalloc(sizeof(*sksec), priority);
+ if (!sksec)
return -ENOMEM;
- ssec->peer_sid = SECINITSID_UNLABELED;
- ssec->sid = SECINITSID_UNLABELED;
- sk->sk_security = ssec;
+ sksec->peer_sid = SECINITSID_UNLABELED;
+ sksec->sid = SECINITSID_UNLABELED;
+ sk->sk_security = sksec;
- selinux_netlbl_sk_security_reset(ssec);
+ selinux_netlbl_sk_security_reset(sksec);
return 0;
}
static void sk_free_security(struct sock *sk)
{
- struct sk_security_struct *ssec = sk->sk_security;
+ struct sk_security_struct *sksec = sk->sk_security;
sk->sk_security = NULL;
- selinux_netlbl_sk_security_free(ssec);
- kfree(ssec);
+ selinux_netlbl_sk_security_free(sksec);
+ kfree(sksec);
}
/* The security server must be initialized before
@@ -4002,7 +4002,7 @@
struct socket *other,
struct sock *newsk)
{
- struct sk_security_struct *ssec;
+ struct sk_security_struct *sksec;
struct inode_security_struct *isec;
struct inode_security_struct *other_isec;
struct common_audit_data ad;
@@ -4021,13 +4021,13 @@
return err;
/* connecting socket */
- ssec = sock->sk->sk_security;
- ssec->peer_sid = other_isec->sid;
+ sksec = sock->sk->sk_security;
+ sksec->peer_sid = other_isec->sid;
/* server child socket */
- ssec = newsk->sk_security;
- ssec->peer_sid = isec->sid;
- err = security_sid_mls_copy(other_isec->sid, ssec->peer_sid, &ssec->sid);
+ sksec = newsk->sk_security;
+ sksec->peer_sid = isec->sid;
+ err = security_sid_mls_copy(other_isec->sid, sksec->peer_sid, &sksec->sid);
return err;
}
@@ -4190,7 +4190,7 @@
int err = 0;
char *scontext;
u32 scontext_len;
- struct sk_security_struct *ssec;
+ struct sk_security_struct *sksec;
struct inode_security_struct *isec;
u32 peer_sid = SECSID_NULL;
@@ -4198,8 +4198,8 @@
if (isec->sclass == SECCLASS_UNIX_STREAM_SOCKET ||
isec->sclass == SECCLASS_TCP_SOCKET) {
- ssec = sock->sk->sk_security;
- peer_sid = ssec->peer_sid;
+ sksec = sock->sk->sk_security;
+ peer_sid = sksec->peer_sid;
}
if (peer_sid == SECSID_NULL) {
err = -ENOPROTOOPT;
@@ -4266,14 +4266,14 @@
static void selinux_sk_clone_security(const struct sock *sk, struct sock *newsk)
{
- struct sk_security_struct *ssec = sk->sk_security;
- struct sk_security_struct *newssec = newsk->sk_security;
+ struct sk_security_struct *sksec = sk->sk_security;
+ struct sk_security_struct *newsksec = newsk->sk_security;
- newssec->sid = ssec->sid;
- newssec->peer_sid = ssec->peer_sid;
- newssec->sclass = ssec->sclass;
+ newsksec->sid = sksec->sid;
+ newsksec->peer_sid = sksec->peer_sid;
+ newsksec->sclass = sksec->sclass;
- selinux_netlbl_sk_security_reset(newssec);
+ selinux_netlbl_sk_security_reset(newsksec);
}
static void selinux_sk_getsecid(struct sock *sk, u32 *secid)
diff --git a/security/selinux/include/netlabel.h b/security/selinux/include/netlabel.h
index 8d73842..cf2f628 100644
--- a/security/selinux/include/netlabel.h
+++ b/security/selinux/include/netlabel.h
@@ -42,8 +42,8 @@
void selinux_netlbl_err(struct sk_buff *skb, int error, int gateway);
-void selinux_netlbl_sk_security_free(struct sk_security_struct *ssec);
-void selinux_netlbl_sk_security_reset(struct sk_security_struct *ssec);
+void selinux_netlbl_sk_security_free(struct sk_security_struct *sksec);
+void selinux_netlbl_sk_security_reset(struct sk_security_struct *sksec);
int selinux_netlbl_skbuff_getsid(struct sk_buff *skb,
u16 family,
@@ -79,13 +79,13 @@
}
static inline void selinux_netlbl_sk_security_free(
- struct sk_security_struct *ssec)
+ struct sk_security_struct *sksec)
{
return;
}
static inline void selinux_netlbl_sk_security_reset(
- struct sk_security_struct *ssec)
+ struct sk_security_struct *sksec)
{
return;
}
diff --git a/security/selinux/netlabel.c b/security/selinux/netlabel.c
index 2534400..3d09a2a 100644
--- a/security/selinux/netlabel.c
+++ b/security/selinux/netlabel.c
@@ -131,21 +131,21 @@
/**
* selinux_netlbl_sk_security_free - Free the NetLabel fields
- * @sssec: the sk_security_struct
+ * @sksec: the sk_security_struct
*
* Description:
* Free all of the memory in the NetLabel fields of a sk_security_struct.
*
*/
-void selinux_netlbl_sk_security_free(struct sk_security_struct *ssec)
+void selinux_netlbl_sk_security_free(struct sk_security_struct *sksec)
{
- if (ssec->nlbl_secattr != NULL)
- netlbl_secattr_free(ssec->nlbl_secattr);
+ if (sksec->nlbl_secattr != NULL)
+ netlbl_secattr_free(sksec->nlbl_secattr);
}
/**
* selinux_netlbl_sk_security_reset - Reset the NetLabel fields
- * @ssec: the sk_security_struct
+ * @sksec: the sk_security_struct
* @family: the socket family
*
* Description:
@@ -153,9 +153,9 @@
* The caller is responsibile for all the NetLabel sk_security_struct locking.
*
*/
-void selinux_netlbl_sk_security_reset(struct sk_security_struct *ssec)
+void selinux_netlbl_sk_security_reset(struct sk_security_struct *sksec)
{
- ssec->nlbl_state = NLBL_UNSET;
+ sksec->nlbl_state = NLBL_UNSET;
}
/**