projects / kernel / linux-3.0.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Revert "SMACK: netework label match fix"
[kernel/linux-3.0.git] / security / smack / smack_lsm.c
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 18ac646..4e98d66 100644 (file)
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -2823,8 +2823,6 @@ static char *smack_from_secattr(struct netlbl_lsm_secattr *sap,
        struct smack_known *kp;
        char *sp;
        int found = 0;
-       int acat;
-       int kcat;
 
        if ((sap->flags & NETLBL_SECATTR_MLS_LVL) != 0) {
                /*
@@ -2841,28 +2839,12 @@ static char *smack_from_secattr(struct netlbl_lsm_secattr *sap,
                list_for_each_entry(kp, &smack_known_list, list) {
                        if (sap->attr.mls.lvl != kp->smk_netlabel.attr.mls.lvl)
                                continue;
-                       /*
-                        * Compare the catsets. Use the netlbl APIs.
-                        */
-                       if ((sap->flags & NETLBL_SECATTR_MLS_CAT) == 0) {
-                               if ((kp->smk_netlabel.flags &
-                                    NETLBL_SECATTR_MLS_CAT) == 0)
-                                       found = 1;
-                               break;
-                       }
-                       for (acat = -1, kcat = -1; acat == kcat; ) {
-                               acat = netlbl_secattr_catmap_walk(
-                                       sap->attr.mls.cat, acat + 1);
-                               kcat = netlbl_secattr_catmap_walk(
-                                       kp->smk_netlabel.attr.mls.cat,
-                                       kcat + 1);
-                               if (acat < 0 || kcat < 0)
-                                       break;
-                       }
-                       if (acat == kcat) {
-                               found = 1;
-                               break;
-                       }
+                       if (memcmp(sap->attr.mls.cat,
+                               kp->smk_netlabel.attr.mls.cat,
+                               SMK_CIPSOLEN) != 0)
+                               continue;
+                       found = 1;
+                       break;
                }
                rcu_read_unlock();
 
Domain: System / Kernel;