diff options
Diffstat (limited to 'security/selinux/netlink.c')
-rw-r--r-- | security/selinux/netlink.c | 17 |
1 files changed, 12 insertions, 5 deletions
diff --git a/security/selinux/netlink.c b/security/selinux/netlink.c index 161e01a6c7e..8a77725423e 100644 --- a/security/selinux/netlink.c +++ b/security/selinux/netlink.c | |||
@@ -19,6 +19,7 @@ | |||
19 | #include <linux/netlink.h> | 19 | #include <linux/netlink.h> |
20 | #include <linux/selinux_netlink.h> | 20 | #include <linux/selinux_netlink.h> |
21 | #include <net/net_namespace.h> | 21 | #include <net/net_namespace.h> |
22 | #include <net/netlink.h> | ||
22 | 23 | ||
23 | #include "security.h" | 24 | #include "security.h" |
24 | 25 | ||
@@ -47,7 +48,7 @@ static void selnl_add_payload(struct nlmsghdr *nlh, int len, int msgtype, void * | |||
47 | { | 48 | { |
48 | switch (msgtype) { | 49 | switch (msgtype) { |
49 | case SELNL_MSG_SETENFORCE: { | 50 | case SELNL_MSG_SETENFORCE: { |
50 | struct selnl_msg_setenforce *msg = NLMSG_DATA(nlh); | 51 | struct selnl_msg_setenforce *msg = nlmsg_data(nlh); |
51 | 52 | ||
52 | memset(msg, 0, len); | 53 | memset(msg, 0, len); |
53 | msg->val = *((int *)data); | 54 | msg->val = *((int *)data); |
@@ -55,7 +56,7 @@ static void selnl_add_payload(struct nlmsghdr *nlh, int len, int msgtype, void * | |||
55 | } | 56 | } |
56 | 57 | ||
57 | case SELNL_MSG_POLICYLOAD: { | 58 | case SELNL_MSG_POLICYLOAD: { |
58 | struct selnl_msg_policyload *msg = NLMSG_DATA(nlh); | 59 | struct selnl_msg_policyload *msg = nlmsg_data(nlh); |
59 | 60 | ||
60 | memset(msg, 0, len); | 61 | memset(msg, 0, len); |
61 | msg->seqno = *((u32 *)data); | 62 | msg->seqno = *((u32 *)data); |
@@ -81,7 +82,9 @@ static void selnl_notify(int msgtype, void *data) | |||
81 | goto oom; | 82 | goto oom; |
82 | 83 | ||
83 | tmp = skb->tail; | 84 | tmp = skb->tail; |
84 | nlh = NLMSG_PUT(skb, 0, 0, msgtype, len); | 85 | nlh = nlmsg_put(skb, 0, 0, msgtype, len, 0); |
86 | if (!nlh) | ||
87 | goto out_kfree_skb; | ||
85 | selnl_add_payload(nlh, len, msgtype, data); | 88 | selnl_add_payload(nlh, len, msgtype, data); |
86 | nlh->nlmsg_len = skb->tail - tmp; | 89 | nlh->nlmsg_len = skb->tail - tmp; |
87 | NETLINK_CB(skb).dst_group = SELNLGRP_AVC; | 90 | NETLINK_CB(skb).dst_group = SELNLGRP_AVC; |
@@ -89,7 +92,7 @@ static void selnl_notify(int msgtype, void *data) | |||
89 | out: | 92 | out: |
90 | return; | 93 | return; |
91 | 94 | ||
92 | nlmsg_failure: | 95 | out_kfree_skb: |
93 | kfree_skb(skb); | 96 | kfree_skb(skb); |
94 | oom: | 97 | oom: |
95 | printk(KERN_ERR "SELinux: OOM in %s\n", __func__); | 98 | printk(KERN_ERR "SELinux: OOM in %s\n", __func__); |
@@ -108,8 +111,12 @@ void selnl_notify_policyload(u32 seqno) | |||
108 | 111 | ||
109 | static int __init selnl_init(void) | 112 | static int __init selnl_init(void) |
110 | { | 113 | { |
114 | struct netlink_kernel_cfg cfg = { | ||
115 | .groups = SELNLGRP_MAX, | ||
116 | }; | ||
117 | |||
111 | selnl = netlink_kernel_create(&init_net, NETLINK_SELINUX, | 118 | selnl = netlink_kernel_create(&init_net, NETLINK_SELINUX, |
112 | SELNLGRP_MAX, NULL, NULL, THIS_MODULE); | 119 | THIS_MODULE, &cfg); |
113 | if (selnl == NULL) | 120 | if (selnl == NULL) |
114 | panic("SELinux: Cannot create netlink socket."); | 121 | panic("SELinux: Cannot create netlink socket."); |
115 | netlink_set_nonroot(NETLINK_SELINUX, NL_NONROOT_RECV); | 122 | netlink_set_nonroot(NETLINK_SELINUX, NL_NONROOT_RECV); |