static bool checkentry(const char *tablename, const void *entry, const struct xt_target *target, void *targinfo, unsigned int hook_mask) { struct xt_secmark_target_info *info = targinfo; if (mode && mode != info->mode) { printk(KERN_INFO PFX "mode already set to %hu cannot mix with " "rules for mode %hu\n", mode, info->mode); return false; } switch (info->mode) { case SECMARK_MODE_SEL: if (!checkentry_selinux(info)) return false; break; default: printk(KERN_INFO PFX "invalid mode: %hu\n", info->mode); return false; } if (!mode) mode = info->mode; return true; }
static int secmark_tg_check(const struct xt_tgchk_param *par) { struct xt_secmark_target_info *info = par->targinfo; int err; if (strcmp(par->table, "mangle") != 0 && strcmp(par->table, "security") != 0) { pr_info("target only valid in the \'mangle\' " "or \'security\' tables, not \'%s\'.\n", par->table); return -EINVAL; } if (mode && mode != info->mode) { pr_info("mode already set to %hu cannot mix with " "rules for mode %hu\n", mode, info->mode); return -EINVAL; } switch (info->mode) { case SECMARK_MODE_SEL: err = checkentry_selinux(info); if (err) return err; break; default: pr_info("invalid mode: %hu\n", info->mode); return -EINVAL; } if (!mode) mode = info->mode; return 0; }
static bool secmark_tg_check(const struct xt_tgchk_param *par) { struct xt_secmark_target_info *info = par->targinfo; if (strcmp(par->table, "mangle") != 0 && strcmp(par->table, "security") != 0) { printk(KERN_INFO PFX "target only valid in the \'mangle\' " "or \'security\' tables, not \'%s\'.\n", par->table); return false; } if (mode && mode != info->mode) { printk(KERN_INFO PFX "mode already set to %hu cannot mix with " "rules for mode %hu\n", mode, info->mode); return false; } switch (info->mode) { case SECMARK_MODE_SEL: if (!checkentry_selinux(info)) return false; break; default: printk(KERN_INFO PFX "invalid mode: %hu\n", info->mode); return false; } if (!mode) mode = info->mode; return true; }