From da5645a28a15aed2e541a814ecf9f7ffcd4c4673 Mon Sep 17 00:00:00 2001 From: Paul Moore Date: Tue, 29 Jan 2008 08:38:10 -0500 Subject: SELinux: Only store the network interface's ifindex Instead of storing the packet's network interface name store the ifindex. This allows us to defer the need to lookup the net_device structure until the audit record is generated meaning that in the majority of cases we never need to bother with this at all. Signed-off-by: Paul Moore Signed-off-by: James Morris --- security/selinux/include/avc.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'security/selinux/include/avc.h') diff --git a/security/selinux/include/avc.h b/security/selinux/include/avc.h index 553607a19e92..80c28fa6621c 100644 --- a/security/selinux/include/avc.h +++ b/security/selinux/include/avc.h @@ -51,7 +51,7 @@ struct avc_audit_data { struct inode *inode; } fs; struct { - char *netif; + int netif; struct sock *sk; u16 family; __be16 dport; -- cgit v1.2.1