selinux: Cache NetLabel secattrs in the socket's security struct

[safe/jmp/linux-2.6] / security / selinux / include / objsec.h

diff --git a/security/selinux/include/objsec.h b/security/selinux/include/objsec.h
index ad34787..f8be8d7 100644 (file)
--- a/security/selinux/include/objsec.h
+++ b/security/selinux/include/objsec.h
@@ -109,9 +109,6 @@ struct netport_security_struct {
 };
 
 struct sk_security_struct {
-       u32 sid;                        /* SID of this object */
-       u32 peer_sid;                   /* SID of peer */
-       u16 sclass;                     /* sock security class */
 #ifdef CONFIG_NETLABEL
        enum {                          /* NetLabel state */
                NLBL_UNSET = 0,
@@ -120,7 +117,11 @@ struct sk_security_struct {
                NLBL_REQSKB,
                NLBL_CONNLABELED,
        } nlbl_state;
+       struct netlbl_lsm_secattr *nlbl_secattr; /* NetLabel sec attributes */
 #endif
+       u32 sid;                        /* SID of this object */
+       u32 peer_sid;                   /* SID of peer */
+       u16 sclass;                     /* sock security class */
 };
 
 struct key_security_struct {