lsm: split the xfrm_state_alloc_security() hook implementation
authorPaul Moore <pmoore@redhat.com>
Tue, 23 Jul 2013 21:38:38 +0000 (17:38 -0400)
committerEric Paris <eparis@redhat.com>
Thu, 25 Jul 2013 17:01:25 +0000 (13:01 -0400)
commit2e5aa86609ec1cf37bcc204fd7ba6c24c2f49fec
treedfe240f974ba5437143fa8869813ac634731d860
parent8bb495e3f02401ee6f76d1b1d77f3ac9f079e376
lsm: split the xfrm_state_alloc_security() hook implementation

The xfrm_state_alloc_security() LSM hook implementation is really a
multiplexed hook with two different behaviors depending on the
arguments passed to it by the caller.  This patch splits the LSM hook
implementation into two new hook implementations, which match the
LSM hooks in the rest of the kernel:

 * xfrm_state_alloc
 * xfrm_state_alloc_acquire

Also included in this patch are the necessary changes to the SELinux
code; no other LSMs are affected.

Signed-off-by: Paul Moore <pmoore@redhat.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
include/linux/security.h
security/capability.c
security/security.c
security/selinux/hooks.c
security/selinux/include/xfrm.h
security/selinux/xfrm.c