Thread (63 messages) 63 messages, 7 authors, 2020-09-10

Re: [PATCH v20 17/23] LSM: security_secid_to_secctx in netlink netfilter

From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: 2020-09-08 10:47:08
Also in: netdev, selinux 

On Wed, Aug 26, 2020 at 07:52:41AM -0700, Casey Schaufler wrote:
Change netlink netfilter interfaces to use lsmcontext
pointers, and remove scaffolding.

Reviewed-by: Kees Cook <redacted>
Reviewed-by: John Johansen <john.johansen@canonical.com>
Acked-by: Stephen Smalley <redacted>
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
cc: netdev@vger.kernel.org
---
 net/netfilter/nfnetlink_queue.c | 31 ++++++++++++-------------------
 1 file changed, 12 insertions(+), 19 deletions(-)
[...]
quoted hunk ↗ jump to hunk
 static u32 nfqnl_get_bridge_size(struct nf_queue_entry *entry)
@@ -401,8 +399,7 @@ nfqnl_build_packet_message(struct net *net, struct nfqnl_instance *queue,
 	enum ip_conntrack_info ctinfo;
 	struct nfnl_ct_hook *nfnl_ct;
 	bool csum_verify;
-	struct lsmcontext scaff; /* scaffolding */
-	char *secdata = NULL;
+	struct lsmcontext context = { };
 	u32 seclen = 0;
While at it, please introduce reverse xmas tree in variable
definitions incrementally:

	struct lsmcontext context = { };
  	enum ip_conntrack_info ctinfo;
  	struct nfnl_ct_hook *nfnl_ct;
  	bool csum_verify;
 	u32 seclen = 0;

And Cc: netfilter-devel@vger.kernel.org for patches that update the
Netfilter codebase.

Thanks.
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help