Merge branch 'master' of git://git.infradead.org/users/pcmoore/selinux into next

Conflicts:
	security/selinux/hooks.c

Resolved using request struct.

Signed-off-by: James Morris <james.l.morris@oracle.com>

diff --combined security/selinux/hooks.c
index 6625699f497c7f3889f7b82b325a315c9e51774a,6ace9b3abf0d222d1c44c261916f096ec2a2b291..3219560f9fae17598dde8bc70285f2fb1846e63a
--- 1/security/selinux/hooks.c
--- 2/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@@ -82,7 -82,6 +82,6 @@@
  #include <linux/syslog.h>
  #include <linux/user_namespace.h>
  #include <linux/export.h>
- #include <linux/security.h>
  #include <linux/msg.h>
  #include <linux/shm.h>
  
@@@ -3990,7 -3989,7 +3989,7 @@@ static int selinux_socket_bind(struct s
                if (snum) {
                        int low, high;
  
 -                      inet_get_local_port_range(&low, &high);
 +                      inet_get_local_port_range(sock_net(sk), &low, &high);
  
                        if (snum < max(PROT_SOCK, low) || snum > high) {
                                err = sel_netport_sid(sk->sk_protocol,
@@@ -4474,14 -4473,10 +4473,10 @@@ static int selinux_inet_conn_request(st
  {
        struct sk_security_struct *sksec = sk->sk_security;
        int err;
-       u16 family = sk->sk_family;
+       u16 family = req->rsk_ops->family;
        u32 connsid;
        u32 peersid;
  
-       /* handle mapped IPv4 packets arriving via IPv6 sockets */
-       if (family == PF_INET6 && skb->protocol == htons(ETH_P_IP))
-               family = PF_INET;
- 
        err = selinux_skb_peerlbl_sid(skb, family, &peersid);
        if (err)
                return err;
@@@ -4726,7 -4721,7 +4721,7 @@@ static unsigned int selinux_ip_forward(
        return NF_ACCEPT;
  }
  
 -static unsigned int selinux_ipv4_forward(unsigned int hooknum,
 +static unsigned int selinux_ipv4_forward(const struct nf_hook_ops *ops,
                                         struct sk_buff *skb,
                                         const struct net_device *in,
                                         const struct net_device *out,
@@@ -4736,7 -4731,7 +4731,7 @@@
  }
  
  #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
 -static unsigned int selinux_ipv6_forward(unsigned int hooknum,
 +static unsigned int selinux_ipv6_forward(const struct nf_hook_ops *ops,
                                         struct sk_buff *skb,
                                         const struct net_device *in,
                                         const struct net_device *out,
@@@ -4788,7 -4783,7 +4783,7 @@@ static unsigned int selinux_ip_output(s
        return NF_ACCEPT;
  }
  
 -static unsigned int selinux_ipv4_output(unsigned int hooknum,
 +static unsigned int selinux_ipv4_output(const struct nf_hook_ops *ops,
                                        struct sk_buff *skb,
                                        const struct net_device *in,
                                        const struct net_device *out,
@@@ -4962,7 -4957,7 +4957,7 @@@ static unsigned int selinux_ip_postrout
        return NF_ACCEPT;
  }
  
 -static unsigned int selinux_ipv4_postroute(unsigned int hooknum,
 +static unsigned int selinux_ipv4_postroute(const struct nf_hook_ops *ops,
                                           struct sk_buff *skb,
                                           const struct net_device *in,
                                           const struct net_device *out,
@@@ -4972,7 -4967,7 +4967,7 @@@
  }
  
  #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
 -static unsigned int selinux_ipv6_postroute(unsigned int hooknum,
 +static unsigned int selinux_ipv6_postroute(const struct nf_hook_ops *ops,
                                           struct sk_buff *skb,
                                           const struct net_device *in,
                                           const struct net_device *out,