git.baikalelectronics.ru Git - kernel.git/commit

author	Paul Moore <paul.moore@hp.com>
	Sun, 13 Apr 2008 02:07:52 +0000 (19:07 -0700)
committer	David S. Miller <davem@davemloft.net>
	Sun, 13 Apr 2008 02:07:52 +0000 (19:07 -0700)
commit	530e1a4a96d0856239a0c5326fa5a97c574ba4ca
tree	1e7f291ac6bd0c1f3a95e8252c32fcce7ff47ea7	tree \| snapshot
parent	d9c7e44e820be07e2d7048f31f607e74cdf30bc2	commit \| diff

LSM: Make the Labeled IPsec hooks more stack friendly

The xfrm_get_policy() and xfrm_add_pol_expire() put some rather large structs
on the stack to work around the LSM API. This patch attempts to fix that
problem by changing the LSM API to require only the relevant "security"
pointers instead of the entire SPD entry; we do this for all of the
security_xfrm_policy*() functions to keep things consistent.

Signed-off-by: Paul Moore <paul.moore@hp.com>
Acked-by: James Morris <jmorris@namei.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

include/linux/security.h		diff \| blob \| history
net/key/af_key.c		diff \| blob \| history
net/xfrm/xfrm_policy.c		diff \| blob \| history
net/xfrm/xfrm_user.c		diff \| blob \| history
security/dummy.c		diff \| blob \| history
security/security.c		diff \| blob \| history
security/selinux/include/xfrm.h		diff \| blob \| history
security/selinux/xfrm.c		diff \| blob \| history