diff options
| author | Alexey Dobriyan <adobriyan@gmail.com> | 2008-07-26 17:48:15 -0700 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2008-07-26 17:48:15 -0700 |
| commit | 6c5a9d2e1599a099b0e47235a1c1502162b14310 (patch) | |
| tree | 517e577b1485b8a40458cff1e3780eab556f4749 | |
| parent | e40f51a36a6ca718e829c0933ab1e79333ac932e (diff) | |
selinux: use nf_register_hooks()
Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
Acked-by: James Morris <jmorris@namei.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
| -rw-r--r-- | security/selinux/hooks.c | 27 |
1 files changed, 8 insertions, 19 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 63f131fc42e..df0515dd4d1 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -5670,27 +5670,20 @@ static struct nf_hook_ops selinux_ipv6_ops[] = { static int __init selinux_nf_ip_init(void) { int err = 0; - u32 iter; if (!selinux_enabled) goto out; printk(KERN_DEBUG "SELinux: Registering netfilter hooks\n"); - for (iter = 0; iter < ARRAY_SIZE(selinux_ipv4_ops); iter++) { - err = nf_register_hook(&selinux_ipv4_ops[iter]); - if (err) - panic("SELinux: nf_register_hook for IPv4: error %d\n", - err); - } + err = nf_register_hooks(selinux_ipv4_ops, ARRAY_SIZE(selinux_ipv4_ops)); + if (err) + panic("SELinux: nf_register_hooks for IPv4: error %d\n", err); #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) - for (iter = 0; iter < ARRAY_SIZE(selinux_ipv6_ops); iter++) { - err = nf_register_hook(&selinux_ipv6_ops[iter]); - if (err) - panic("SELinux: nf_register_hook for IPv6: error %d\n", - err); - } + err = nf_register_hooks(selinux_ipv6_ops, ARRAY_SIZE(selinux_ipv6_ops)); + if (err) + panic("SELinux: nf_register_hooks for IPv6: error %d\n", err); #endif /* IPV6 */ out: @@ -5702,15 +5695,11 @@ __initcall(selinux_nf_ip_init); #ifdef CONFIG_SECURITY_SELINUX_DISABLE static void selinux_nf_ip_exit(void) { - u32 iter; - printk(KERN_DEBUG "SELinux: Unregistering netfilter hooks\n"); - for (iter = 0; iter < ARRAY_SIZE(selinux_ipv4_ops); iter++) - nf_unregister_hook(&selinux_ipv4_ops[iter]); + nf_unregister_hooks(selinux_ipv4_ops, ARRAY_SIZE(selinux_ipv4_ops)); #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) - for (iter = 0; iter < ARRAY_SIZE(selinux_ipv6_ops); iter++) - nf_unregister_hook(&selinux_ipv6_ops[iter]); + nf_unregister_hooks(selinux_ipv6_ops, ARRAY_SIZE(selinux_ipv6_ops)); #endif /* IPV6 */ } #endif |