Commit 4baabeec authored by Paul Moore's avatar Paul Moore Committed by Eric Paris

selinux: cleanup some comment and whitespace issues in the XFRM code

Signed-off-by: default avatarPaul Moore <pmoore@redhat.com>
Signed-off-by: default avatarEric Paris <eparis@redhat.com>
parent eef9b416
...@@ -56,7 +56,7 @@ ...@@ -56,7 +56,7 @@
atomic_t selinux_xfrm_refcount = ATOMIC_INIT(0); atomic_t selinux_xfrm_refcount = ATOMIC_INIT(0);
/* /*
* Returns true if an LSM/SELinux context * Returns true if the context is an LSM/SELinux context.
*/ */
static inline int selinux_authorizable_ctx(struct xfrm_sec_ctx *ctx) static inline int selinux_authorizable_ctx(struct xfrm_sec_ctx *ctx)
{ {
...@@ -66,7 +66,7 @@ static inline int selinux_authorizable_ctx(struct xfrm_sec_ctx *ctx) ...@@ -66,7 +66,7 @@ static inline int selinux_authorizable_ctx(struct xfrm_sec_ctx *ctx)
} }
/* /*
* Returns true if the xfrm contains a security blob for SELinux * Returns true if the xfrm contains a security blob for SELinux.
*/ */
static inline int selinux_authorizable_xfrm(struct xfrm_state *x) static inline int selinux_authorizable_xfrm(struct xfrm_state *x)
{ {
...@@ -149,8 +149,8 @@ static int selinux_xfrm_delete(struct xfrm_sec_ctx *ctx) ...@@ -149,8 +149,8 @@ static int selinux_xfrm_delete(struct xfrm_sec_ctx *ctx)
} }
/* /*
* LSM hook implementation that authorizes that a flow can use * LSM hook implementation that authorizes that a flow can use a xfrm policy
* a xfrm policy rule. * rule.
*/ */
int selinux_xfrm_policy_lookup(struct xfrm_sec_ctx *ctx, u32 fl_secid, u8 dir) int selinux_xfrm_policy_lookup(struct xfrm_sec_ctx *ctx, u32 fl_secid, u8 dir)
{ {
...@@ -213,7 +213,6 @@ int selinux_xfrm_state_pol_flow_match(struct xfrm_state *x, ...@@ -213,7 +213,6 @@ int selinux_xfrm_state_pol_flow_match(struct xfrm_state *x,
* LSM hook implementation that checks and/or returns the xfrm sid for the * LSM hook implementation that checks and/or returns the xfrm sid for the
* incoming packet. * incoming packet.
*/ */
int selinux_xfrm_decode_session(struct sk_buff *skb, u32 *sid, int ckall) int selinux_xfrm_decode_session(struct sk_buff *skb, u32 *sid, int ckall)
{ {
struct sec_path *sp; struct sec_path *sp;
...@@ -248,8 +247,7 @@ int selinux_xfrm_decode_session(struct sk_buff *skb, u32 *sid, int ckall) ...@@ -248,8 +247,7 @@ int selinux_xfrm_decode_session(struct sk_buff *skb, u32 *sid, int ckall)
} }
/* /*
* LSM hook implementation that allocs and transfers uctx spec to * LSM hook implementation that allocs and transfers uctx spec to xfrm_policy.
* xfrm_policy.
*/ */
int selinux_xfrm_policy_alloc(struct xfrm_sec_ctx **ctxp, int selinux_xfrm_policy_alloc(struct xfrm_sec_ctx **ctxp,
struct xfrm_user_sec_ctx *uctx) struct xfrm_user_sec_ctx *uctx)
...@@ -257,10 +255,9 @@ int selinux_xfrm_policy_alloc(struct xfrm_sec_ctx **ctxp, ...@@ -257,10 +255,9 @@ int selinux_xfrm_policy_alloc(struct xfrm_sec_ctx **ctxp,
return selinux_xfrm_alloc_user(ctxp, uctx); return selinux_xfrm_alloc_user(ctxp, uctx);
} }
/* /*
* LSM hook implementation that copies security data structure from old to * LSM hook implementation that copies security data structure from old to new
* new for policy cloning. * for policy cloning.
*/ */
int selinux_xfrm_policy_clone(struct xfrm_sec_ctx *old_ctx, int selinux_xfrm_policy_clone(struct xfrm_sec_ctx *old_ctx,
struct xfrm_sec_ctx **new_ctxp) struct xfrm_sec_ctx **new_ctxp)
...@@ -352,7 +349,7 @@ void selinux_xfrm_state_free(struct xfrm_state *x) ...@@ -352,7 +349,7 @@ void selinux_xfrm_state_free(struct xfrm_state *x)
selinux_xfrm_free(x->security); selinux_xfrm_free(x->security);
} }
/* /*
* LSM hook implementation that authorizes deletion of labeled SAs. * LSM hook implementation that authorizes deletion of labeled SAs.
*/ */
int selinux_xfrm_state_delete(struct xfrm_state *x) int selinux_xfrm_state_delete(struct xfrm_state *x)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment