Merge branch 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc

[linux-2.6] / security / selinux / xfrm.c

diff --git a/security/selinux/xfrm.c b/security/selinux/xfrm.c
index 0e24df41099fd8c5c3837c1ab9280c9b91f5767b..6c985ced810279a8325f9aba4d26384c16e0bc4c 100644 (file)
--- a/security/selinux/xfrm.c
+++ b/security/selinux/xfrm.c
@@ -26,7 +26,6 @@
  *   2. Emulating a reasonable SO_PEERSEC across machines
  *   3. Testing addition of sk_policy's with security context via setsockopt
  */
-#include <linux/config.h>
 #include <linux/module.h>
 #include <linux/kernel.h>
 #include <linux/init.h>
@@ -387,18 +386,12 @@ int selinux_xfrm_postroute_last(u32 isec_sid, struct sk_buff *skb)
                        struct xfrm_state *x = dst_test->xfrm;
 
                        if (x && selinux_authorizable_xfrm(x))
-                               goto accept;
+                               goto out;
                }
        }
 
        rc = avc_has_perm(isec_sid, SECINITSID_UNLABELED, SECCLASS_ASSOCIATION,
                          ASSOCIATION__SENDTO, NULL);
-       if (rc)
-               goto drop;
-
-accept:
-       return NF_ACCEPT;
-
-drop:
-       return NF_DROP;
+out:
+       return rc;
 }