• P
    [XFRM]: Assorted IPsec fixups · 68277acc
    Paul Moore 提交于
    This patch fixes a number of small but potentially troublesome things in the
    XFRM/IPsec code:
    
     * Use the 'audit_enabled' variable already in include/linux/audit.h
       Removed the need for extern declarations local to each XFRM audit fuction
    
     * Convert 'sid' to 'secid' everywhere we can
       The 'sid' name is specific to SELinux, 'secid' is the common naming
       convention used by the kernel when refering to tokenized LSM labels,
       unfortunately we have to leave 'ctx_sid' in 'struct xfrm_sec_ctx' otherwise
       we risk breaking userspace
    
     * Convert address display to use standard NIP* macros
       Similar to what was recently done with the SPD audit code, this also also
       includes the removal of some unnecessary memcpy() calls
    
     * Move common code to xfrm_audit_common_stateinfo()
       Code consolidation from the "less is more" book on software development
    
     * Proper spacing around commas in function arguments
       Minor style tweak since I was already touching the code
    Signed-off-by: NPaul Moore <paul.moore@hp.com>
    Acked-by: NJames Morris <jmorris@namei.org>
    Signed-off-by: NDavid S. Miller <davem@davemloft.net>
    68277acc
xfrm_policy.c 61.7 KB