From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Port labeling is based on port number and protocol (TCP/UDP/...) but not
based on network family (IPv4/IPv6).
Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
---
security/selinux/netport.c | 6 ------
1 file changed, 6 deletions(-)
diff --git a/security/selinux/netport.c b/security/selinux/netport.c
index 2a315dcc4344..cfa55d703ce1 100644
--- a/security/selinux/netport.c
+++ b/security/selinux/netport.c
@@ -47,12 +47,6 @@ struct sel_netport {
struct rcu_head rcu;
};
-/* NOTE: we are using a combined hash table for both IPv4 and IPv6, the reason
- * for this is that I suspect most users will not make heavy use of both
- * address families at the same time so one table will usually end up wasted,
- * if this becomes a problem we can always add a hash table for each address
- * family later */
-
static DEFINE_SPINLOCK(sel_netport_lock);
static struct sel_netport_bkt sel_netport_hash[SEL_NETPORT_HASH_SIZE];
--
2.49.0
