[SELINUX] Fix build after ipsec decap state changes.

    security/selinux/xfrm.c: In function 'selinux_socket_getpeer_dgram':
    security/selinux/xfrm.c:284: error: 'struct sec_path' has no member named 'x'
    security/selinux/xfrm.c: In function 'selinux_xfrm_sock_rcv_skb':
    security/selinux/xfrm.c:317: error: 'struct sec_path' has no member named 'x'

Signed-off-by: Dave Jones <davej@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

diff --git a/security/selinux/xfrm.c b/security/selinux/xfrm.c
index dfab6c886698d97f6c7d278125fd878422e8b515..abe99d8813765a977405de8246d42f9597c34341 100644 (file)
--- a/security/selinux/xfrm.c
+++ b/security/selinux/xfrm.c
@@ -281,7 +281,7 @@ u32 selinux_socket_getpeer_dgram(struct sk_buff *skb)
                int i;
 
                for (i = sp->len-1; i >= 0; i--) {
-                       struct xfrm_state *x = sp->x[i].xvec;
+                       struct xfrm_state *x = sp->xvec[i];
                        if (selinux_authorizable_xfrm(x)) {
                                struct xfrm_sec_ctx *ctx = x->security;
                                return ctx->ctx_sid;
@@ -314,7 +314,7 @@ int selinux_xfrm_sock_rcv_skb(u32 isec_sid, struct sk_buff *skb)
                 *  Only need to verify the existence of an authorizable sp.
                 */
                for (i = 0; i < sp->len; i++) {
-                       struct xfrm_state *x = sp->x[i].xvec;
+                       struct xfrm_state *x = sp->xvec[i];
 
                        if (x && selinux_authorizable_xfrm(x))
                                goto accept;