Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/cooloney...

[mv-sheeva.git] / net / netfilter / xt_SECMARK.c

diff --git a/net/netfilter/xt_SECMARK.c b/net/netfilter/xt_SECMARK.c
index f1131c3a9db5bcfd174911b45336d7aa3052621a..235806eb6ecd725c1b43d3598483922d339bd6e0 100644 (file)
--- a/net/netfilter/xt_SECMARK.c
+++ b/net/netfilter/xt_SECMARK.c
@@ -28,7 +28,7 @@ MODULE_ALIAS("ip6t_SECMARK");
 
 static u8 mode;
 
-static unsigned int target(struct sk_buff **pskb, const struct net_device *in,
+static unsigned int target(struct sk_buff *skb, const struct net_device *in,
                           const struct net_device *out, unsigned int hooknum,
                           const struct xt_target *target,
                           const void *targinfo)
@@ -47,15 +47,15 @@ static unsigned int target(struct sk_buff **pskb, const struct net_device *in,
                BUG();
        }
 
-       (*pskb)->secmark = secmark;
+       skb->secmark = secmark;
        return XT_CONTINUE;
 }
 
-static int checkentry_selinux(struct xt_secmark_target_info *info)
+static bool checkentry_selinux(struct xt_secmark_target_info *info)
 {
        int err;
        struct xt_secmark_target_selinux_info *sel = &info->u.sel;
-       
+
        sel->selctx[SECMARK_SELCTX_MAX - 1] = '\0';
 
        err = selinux_string_to_sid(sel->selctx, &sel->selsid);
@@ -63,53 +63,53 @@ static int checkentry_selinux(struct xt_secmark_target_info *info)
                if (err == -EINVAL)
                        printk(KERN_INFO PFX "invalid SELinux context \'%s\'\n",
                               sel->selctx);
-               return 0;
+               return false;
        }
 
        if (!sel->selsid) {
                printk(KERN_INFO PFX "unable to map SELinux context \'%s\'\n",
                       sel->selctx);
-               return 0;
+               return false;
        }
 
        err = selinux_relabel_packet_permission(sel->selsid);
        if (err) {
                printk(KERN_INFO PFX "unable to obtain relabeling permission\n");
-               return 0;
+               return false;
        }
 
-       return 1;
+       return true;
 }
 
-static int checkentry(const char *tablename, const void *entry,
-                     const struct xt_target *target, void *targinfo,
-                     unsigned int hook_mask)
+static bool checkentry(const char *tablename, const void *entry,
+                      const struct xt_target *target, void *targinfo,
+                      unsigned int hook_mask)
 {
        struct xt_secmark_target_info *info = targinfo;
 
        if (mode && mode != info->mode) {
                printk(KERN_INFO PFX "mode already set to %hu cannot mix with "
                       "rules for mode %hu\n", mode, info->mode);
-               return 0;
+               return false;
        }
 
        switch (info->mode) {
        case SECMARK_MODE_SEL:
                if (!checkentry_selinux(info))
-                       return 0;
+                       return false;
                break;
 
        default:
                printk(KERN_INFO PFX "invalid mode: %hu\n", info->mode);
-               return 0;
+               return false;
        }
 
        if (!mode)
                mode = info->mode;
-       return 1;
+       return true;
 }
 
-static struct xt_target xt_secmark_target[] = {
+static struct xt_target xt_secmark_target[] __read_mostly = {
        {
                .name           = "SECMARK",
                .family         = AF_INET,