diff options
-rw-r--r-- | security/selinux/include/xfrm.h | 9 | ||||
-rw-r--r-- | security/selinux/ss/services.c | 6 |
2 files changed, 12 insertions, 3 deletions
diff --git a/security/selinux/include/xfrm.h b/security/selinux/include/xfrm.h index 161eb57..31929e3 100644 --- a/security/selinux/include/xfrm.h +++ b/security/selinux/include/xfrm.h @@ -37,6 +37,11 @@ int selinux_xfrm_sock_rcv_skb(u32 sid, struct sk_buff *skb, int selinux_xfrm_postroute_last(u32 isec_sid, struct sk_buff *skb, struct avc_audit_data *ad, u8 proto); int selinux_xfrm_decode_session(struct sk_buff *skb, u32 *sid, int ckall); + +static inline void selinux_xfrm_notify_policyload(void) +{ + atomic_inc(&flow_cache_genid); +} #else static inline int selinux_xfrm_sock_rcv_skb(u32 isec_sid, struct sk_buff *skb, struct avc_audit_data *ad) @@ -55,6 +60,10 @@ static inline int selinux_xfrm_decode_session(struct sk_buff *skb, u32 *sid, int *sid = SECSID_NULL; return 0; } + +static inline void selinux_xfrm_notify_policyload(void) +{ +} #endif static inline void selinux_skb_xfrm_sid(struct sk_buff *skb, u32 *sid) diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index ff03933..ca9154d 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -1299,7 +1299,7 @@ int security_load_policy(void *data, size_t len) avc_ss_reset(seqno); selnl_notify_policyload(seqno); selinux_netlbl_cache_invalidate(); - atomic_inc(&flow_cache_genid); + selinux_xfrm_notify_policyload(); return 0; } @@ -1355,7 +1355,7 @@ int security_load_policy(void *data, size_t len) avc_ss_reset(seqno); selnl_notify_policyload(seqno); selinux_netlbl_cache_invalidate(); - atomic_inc(&flow_cache_genid); + selinux_xfrm_notify_policyload(); return 0; @@ -1855,7 +1855,7 @@ out: if (!rc) { avc_ss_reset(seqno); selnl_notify_policyload(seqno); - atomic_inc(&flow_cache_genid); + selinux_xfrm_notify_policyload(); } return rc; } |