e8bfdb9d0d
The current SELinux netif code requires the caller have a valid net_device struct pointer to lookup network interface information. However, we don't always have a valid net_device pointer so convert the netif code to use the ifindex values we always have as part of the sk_buff. This patch also removes the default message SID from the network interface record, it is not being used and therefore is "dead code". Signed-off-by: Paul Moore <paul.moore@hp.com> Signed-off-by: James Morris <jmorris@namei.org>
23 lines
724 B
C
23 lines
724 B
C
/*
|
|
* Network interface table.
|
|
*
|
|
* Network interfaces (devices) do not have a security field, so we
|
|
* maintain a table associating each interface with a SID.
|
|
*
|
|
* Author: James Morris <jmorris@redhat.com>
|
|
*
|
|
* Copyright (C) 2003 Red Hat, Inc., James Morris <jmorris@redhat.com>
|
|
* Copyright (C) 2007 Hewlett-Packard Development Company, L.P.
|
|
* Paul Moore, <paul.moore@hp.com>
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License version 2,
|
|
* as published by the Free Software Foundation.
|
|
*/
|
|
#ifndef _SELINUX_NETIF_H_
|
|
#define _SELINUX_NETIF_H_
|
|
|
|
int sel_netif_sid(int ifindex, u32 *sid);
|
|
|
|
#endif /* _SELINUX_NETIF_H_ */
|
|
|