diff options
author | rwatson <rwatson@FreeBSD.org> | 2009-06-03 19:41:12 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2009-06-03 19:41:12 +0000 |
commit | 386cecbc6710dbb69f2cbf6d865fd60b8dd331f1 (patch) | |
tree | 1fd78c1fda6cda27c4b38950caa54e876da4141c /sys/security/mac/mac_net.c | |
parent | 437ea46b9f305a7035242b8063bd5ddb34621722 (diff) | |
download | FreeBSD-src-386cecbc6710dbb69f2cbf6d865fd60b8dd331f1.zip FreeBSD-src-386cecbc6710dbb69f2cbf6d865fd60b8dd331f1.tar.gz |
Add one further check with mac_policy_count to an mbuf copying case
(limited to netatalk) to avoid MAC label lookup on both mbufs if no
policies are registered.
Obtained from: TrustedBSD Project
Diffstat (limited to 'sys/security/mac/mac_net.c')
-rw-r--r-- | sys/security/mac/mac_net.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/sys/security/mac/mac_net.c b/sys/security/mac/mac_net.c index 73154148..ed33885 100644 --- a/sys/security/mac/mac_net.c +++ b/sys/security/mac/mac_net.c @@ -258,6 +258,9 @@ mac_mbuf_copy(struct mbuf *m_from, struct mbuf *m_to) { struct label *src_label, *dest_label; + if (mac_policy_count == 0) + return; + src_label = mac_mbuf_to_label(m_from); dest_label = mac_mbuf_to_label(m_to); |