git://ftp.safe.ca / safe / jmp / linux-2.6 / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
NetLabel: Cleanup the LSM domain hash functions
[safe/jmp/linux-2.6] / net / netlabel / netlabel_cipso_v4.c
diff --git a/net/netlabel/netlabel_cipso_v4.c b/net/netlabel/netlabel_cipso_v4.c
index 4afc75f..becf91a 100644 (file)
--- a/net/netlabel/netlabel_cipso_v4.c
+++ b/net/netlabel/netlabel_cipso_v4.c
@@ -38,9 +38,11 @@
 #include <net/genetlink.h>
 #include <net/netlabel.h>
 #include <net/cipso_ipv4.h>
+#include <asm/atomic.h>
 
 #include "netlabel_user.h"
 #include "netlabel_cipso_v4.h"
+#include "netlabel_mgmt.h"
 
 /* Argument struct for cipso_v4_doi_walk() */
 struct netlbl_cipsov4_doiwalk_arg {
@@ -59,7 +61,7 @@ static struct genl_family netlbl_cipsov4_gnl_family = {
 };
 
 /* NetLabel Netlink attribute policy */
-static struct nla_policy netlbl_cipsov4_genl_policy[NLBL_CIPSOV4_A_MAX + 1] = {
+static const struct nla_policy netlbl_cipsov4_genl_policy[NLBL_CIPSOV4_A_MAX + 1] = {
        [NLBL_CIPSOV4_A_DOI] = { .type = NLA_U32 },
        [NLBL_CIPSOV4_A_MTYPE] = { .type = NLA_U32 },
        [NLBL_CIPSOV4_A_TAG] = { .type = NLA_U8 },
@@ -129,13 +131,13 @@ static int netlbl_cipsov4_add_common(struct genl_info *info,
                return -EINVAL;
 
        nla_for_each_nested(nla, info->attrs[NLBL_CIPSOV4_A_TAGLST], nla_rem)
-               if (nla->nla_type == NLBL_CIPSOV4_A_TAG) {
-                       if (iter > CIPSO_V4_TAG_MAXCNT)
+               if (nla_type(nla) == NLBL_CIPSOV4_A_TAG) {
+                       if (iter >= CIPSO_V4_TAG_MAXCNT)
                                return -EINVAL;
                        doi_def->tags[iter++] = nla_get_u8(nla);
                }
-       if (iter < CIPSO_V4_TAG_MAXCNT)
-               doi_def->tags[iter] = CIPSO_V4_TAG_INVALID;
+       while (iter < CIPSO_V4_TAG_MAXCNT)
+               doi_def->tags[iter++] = CIPSO_V4_TAG_INVALID;
 
        return 0;
 }
@@ -191,13 +193,13 @@ static int netlbl_cipsov4_add_std(struct genl_info *info)
        nla_for_each_nested(nla_a,
                            info->attrs[NLBL_CIPSOV4_A_MLSLVLLST],
                            nla_a_rem)
-               if (nla_a->nla_type == NLBL_CIPSOV4_A_MLSLVL) {
+               if (nla_type(nla_a) == NLBL_CIPSOV4_A_MLSLVL) {
                        if (nla_validate_nested(nla_a,
                                            NLBL_CIPSOV4_A_MAX,
                                            netlbl_cipsov4_genl_policy) != 0)
                                        goto add_std_failure;
                        nla_for_each_nested(nla_b, nla_a, nla_b_rem)
-                               switch (nla_b->nla_type) {
+                               switch (nla_type(nla_b)) {
                                case NLBL_CIPSOV4_A_MLSLVLLOC:
                                        if (nla_get_u32(nla_b) >
                                            CIPSO_V4_MAX_LOC_LVLS)
@@ -239,7 +241,7 @@ static int netlbl_cipsov4_add_std(struct genl_info *info)
        nla_for_each_nested(nla_a,
                            info->attrs[NLBL_CIPSOV4_A_MLSLVLLST],
                            nla_a_rem)
-               if (nla_a->nla_type == NLBL_CIPSOV4_A_MLSLVL) {
+               if (nla_type(nla_a) == NLBL_CIPSOV4_A_MLSLVL) {
                        struct nlattr *lvl_loc;
                        struct nlattr *lvl_rem;
 
@@ -264,13 +266,13 @@ static int netlbl_cipsov4_add_std(struct genl_info *info)
                nla_for_each_nested(nla_a,
                                    info->attrs[NLBL_CIPSOV4_A_MLSCATLST],
                                    nla_a_rem)
-                       if (nla_a->nla_type == NLBL_CIPSOV4_A_MLSCAT) {
+                       if (nla_type(nla_a) == NLBL_CIPSOV4_A_MLSCAT) {
                                if (nla_validate_nested(nla_a,
                                              NLBL_CIPSOV4_A_MAX,
                                              netlbl_cipsov4_genl_policy) != 0)
                                        goto add_std_failure;
                                nla_for_each_nested(nla_b, nla_a, nla_b_rem)
-                                       switch (nla_b->nla_type) {
+                                       switch (nla_type(nla_b)) {
                                        case NLBL_CIPSOV4_A_MLSCATLOC:
                                                if (nla_get_u32(nla_b) >
                                                    CIPSO_V4_MAX_LOC_CATS)
@@ -292,7 +294,7 @@ static int netlbl_cipsov4_add_std(struct genl_info *info)
                                        }
                        }
                doi_def->map.std->cat.local = kcalloc(
-                                             doi_def->map.std->cat.local_size,
+                                             doi_def->map.std->cat.local_size,
                                              sizeof(u32),
                                              GFP_KERNEL);
                if (doi_def->map.std->cat.local == NULL) {
@@ -300,7 +302,7 @@ static int netlbl_cipsov4_add_std(struct genl_info *info)
                        goto add_std_failure;
                }
                doi_def->map.std->cat.cipso = kcalloc(
-                                             doi_def->map.std->cat.cipso_size,
+                                             doi_def->map.std->cat.cipso_size,
                                              sizeof(u32),
                                              GFP_KERNEL);
                if (doi_def->map.std->cat.cipso == NULL) {
@@ -314,7 +316,7 @@ static int netlbl_cipsov4_add_std(struct genl_info *info)
                nla_for_each_nested(nla_a,
                                    info->attrs[NLBL_CIPSOV4_A_MLSCATLST],
                                    nla_a_rem)
-                       if (nla_a->nla_type == NLBL_CIPSOV4_A_MLSCAT) {
+                       if (nla_type(nla_a) == NLBL_CIPSOV4_A_MLSCAT) {
                                struct nlattr *cat_loc;
                                struct nlattr *cat_rem;
 
@@ -325,10 +327,10 @@ static int netlbl_cipsov4_add_std(struct genl_info *info)
                                if (cat_loc == NULL || cat_rem == NULL)
                                        goto add_std_failure;
                                doi_def->map.std->cat.local[
-                                                       nla_get_u32(cat_loc)] =
+                                                       nla_get_u32(cat_loc)] =
                                        nla_get_u32(cat_rem);
                                doi_def->map.std->cat.cipso[
-                                                       nla_get_u32(cat_rem)] =
+                                                       nla_get_u32(cat_rem)] =
                                        nla_get_u32(cat_loc);
                        }
        }
@@ -419,6 +421,8 @@ static int netlbl_cipsov4_add(struct sk_buff *skb, struct genl_info *info)
                ret_val = netlbl_cipsov4_add_pass(info);
                break;
        }
+       if (ret_val == 0)
+               atomic_inc(&netlabel_mgmt_protocount);
 
        audit_buf = netlbl_audit_start_common(AUDIT_MAC_CIPSOV4_ADD,
                                              &audit_info);
@@ -694,6 +698,8 @@ static int netlbl_cipsov4_remove(struct sk_buff *skb, struct genl_info *info)
        ret_val = cipso_v4_doi_remove(doi,
                                      &audit_info,
                                      netlbl_cipsov4_doi_free);
+       if (ret_val == 0)
+               atomic_dec(&netlabel_mgmt_protocount);
 
        audit_buf = netlbl_audit_start_common(AUDIT_MAC_CIPSOV4_DEL,
                                              &audit_info);
Full containers within linux kernel