aboutsummaryrefslogtreecommitdiff
path: root/security/selinux
diff options
context:
space:
mode:
Diffstat (limited to 'security/selinux')
-rw-r--r--security/selinux/avc.c3
-rw-r--r--security/selinux/hooks.c5
-rw-r--r--security/selinux/selinuxfs.c26
-rw-r--r--security/selinux/ss/avtab.c3
4 files changed, 17 insertions, 20 deletions
diff --git a/security/selinux/avc.c b/security/selinux/avc.c
index e7c0b5e2066..da8caf10ef9 100644
--- a/security/selinux/avc.c
+++ b/security/selinux/avc.c
@@ -332,11 +332,10 @@ static struct avc_node *avc_alloc_node(void)
{
struct avc_node *node;
- node = kmem_cache_alloc(avc_node_cachep, GFP_ATOMIC);
+ node = kmem_cache_zalloc(avc_node_cachep, GFP_ATOMIC);
if (!node)
goto out;
- memset(node, 0, sizeof(*node));
INIT_RCU_HEAD(&node->rhead);
INIT_LIST_HEAD(&node->list);
atomic_set(&node->ae.used, 1);
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 65fb5e8ea94..35eb8de892f 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -181,11 +181,10 @@ static int inode_alloc_security(struct inode *inode)
struct task_security_struct *tsec = current->security;
struct inode_security_struct *isec;
- isec = kmem_cache_alloc(sel_inode_cache, GFP_KERNEL);
+ isec = kmem_cache_zalloc(sel_inode_cache, GFP_KERNEL);
if (!isec)
return -ENOMEM;
- memset(isec, 0, sizeof(*isec));
mutex_init(&isec->lock);
INIT_LIST_HEAD(&isec->list);
isec->inode = inode;
@@ -2655,7 +2654,7 @@ static int selinux_file_send_sigiotask(struct task_struct *tsk,
struct file_security_struct *fsec;
/* struct fown_struct is never outside the context of a struct file */
- file = (struct file *)((long)fown - offsetof(struct file,f_owner));
+ file = container_of(fown, struct file, f_owner);
tsec = tsk->security;
fsec = file->f_security;
diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c
index c8bf6e172f6..93b3177c758 100644
--- a/security/selinux/selinuxfs.c
+++ b/security/selinux/selinuxfs.c
@@ -161,7 +161,7 @@ out:
#define sel_write_enforce NULL
#endif
-static struct file_operations sel_enforce_ops = {
+static const struct file_operations sel_enforce_ops = {
.read = sel_read_enforce,
.write = sel_write_enforce,
};
@@ -211,7 +211,7 @@ out:
#define sel_write_disable NULL
#endif
-static struct file_operations sel_disable_ops = {
+static const struct file_operations sel_disable_ops = {
.write = sel_write_disable,
};
@@ -225,7 +225,7 @@ static ssize_t sel_read_policyvers(struct file *filp, char __user *buf,
return simple_read_from_buffer(buf, count, ppos, tmpbuf, length);
}
-static struct file_operations sel_policyvers_ops = {
+static const struct file_operations sel_policyvers_ops = {
.read = sel_read_policyvers,
};
@@ -242,7 +242,7 @@ static ssize_t sel_read_mls(struct file *filp, char __user *buf,
return simple_read_from_buffer(buf, count, ppos, tmpbuf, length);
}
-static struct file_operations sel_mls_ops = {
+static const struct file_operations sel_mls_ops = {
.read = sel_read_mls,
};
@@ -294,7 +294,7 @@ out:
return length;
}
-static struct file_operations sel_load_ops = {
+static const struct file_operations sel_load_ops = {
.write = sel_write_load,
};
@@ -374,7 +374,7 @@ out:
free_page((unsigned long) page);
return length;
}
-static struct file_operations sel_checkreqprot_ops = {
+static const struct file_operations sel_checkreqprot_ops = {
.read = sel_read_checkreqprot,
.write = sel_write_checkreqprot,
};
@@ -423,7 +423,7 @@ out:
free_page((unsigned long) page);
return length;
}
-static struct file_operations sel_compat_net_ops = {
+static const struct file_operations sel_compat_net_ops = {
.read = sel_read_compat_net,
.write = sel_write_compat_net,
};
@@ -467,7 +467,7 @@ static ssize_t selinux_transaction_write(struct file *file, const char __user *b
return rv;
}
-static struct file_operations transaction_ops = {
+static const struct file_operations transaction_ops = {
.write = selinux_transaction_write,
.read = simple_transaction_read,
.release = simple_transaction_release,
@@ -875,7 +875,7 @@ out:
return length;
}
-static struct file_operations sel_bool_ops = {
+static const struct file_operations sel_bool_ops = {
.read = sel_read_bool,
.write = sel_write_bool,
};
@@ -932,7 +932,7 @@ out:
return length;
}
-static struct file_operations sel_commit_bools_ops = {
+static const struct file_operations sel_commit_bools_ops = {
.write = sel_commit_bools_write,
};
@@ -1131,12 +1131,12 @@ out:
return ret;
}
-static struct file_operations sel_avc_cache_threshold_ops = {
+static const struct file_operations sel_avc_cache_threshold_ops = {
.read = sel_read_avc_cache_threshold,
.write = sel_write_avc_cache_threshold,
};
-static struct file_operations sel_avc_hash_stats_ops = {
+static const struct file_operations sel_avc_hash_stats_ops = {
.read = sel_read_avc_hash_stats,
};
@@ -1198,7 +1198,7 @@ static int sel_open_avc_cache_stats(struct inode *inode, struct file *file)
return seq_open(file, &sel_avc_cache_stats_seq_ops);
}
-static struct file_operations sel_avc_cache_stats_ops = {
+static const struct file_operations sel_avc_cache_stats_ops = {
.open = sel_open_avc_cache_stats,
.read = seq_read,
.llseek = seq_lseek,
diff --git a/security/selinux/ss/avtab.c b/security/selinux/ss/avtab.c
index ebb993c5c24..9142073319c 100644
--- a/security/selinux/ss/avtab.c
+++ b/security/selinux/ss/avtab.c
@@ -36,10 +36,9 @@ avtab_insert_node(struct avtab *h, int hvalue,
struct avtab_key *key, struct avtab_datum *datum)
{
struct avtab_node * newnode;
- newnode = kmem_cache_alloc(avtab_node_cachep, GFP_KERNEL);
+ newnode = kmem_cache_zalloc(avtab_node_cachep, GFP_KERNEL);
if (newnode == NULL)
return NULL;
- memset(newnode, 0, sizeof(struct avtab_node));
newnode->key = *key;
newnode->datum = *datum;
if (prev) {