diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2011-03-16 19:29:25 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2011-03-16 19:29:25 -0400 |
| commit | 7a6362800cb7d1d618a697a650c7aaed3eb39320 (patch) | |
| tree | 087f9bc6c13ef1fad4b392c5cf9325cd28fa8523 /security/selinux/hooks.c | |
| parent | 6445ced8670f37cfc2c5e24a9de9b413dbfc788d (diff) | |
| parent | ceda86a108671294052cbf51660097b6534672f5 (diff) | |
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6: (1480 commits)
bonding: enable netpoll without checking link status
xfrm: Refcount destination entry on xfrm_lookup
net: introduce rx_handler results and logic around that
bonding: get rid of IFF_SLAVE_INACTIVE netdev->priv_flag
bonding: wrap slave state work
net: get rid of multiple bond-related netdevice->priv_flags
bonding: register slave pointer for rx_handler
be2net: Bump up the version number
be2net: Copyright notice change. Update to Emulex instead of ServerEngines
e1000e: fix kconfig for crc32 dependency
netfilter ebtables: fix xt_AUDIT to work with ebtables
xen network backend driver
bonding: Improve syslog message at device creation time
bonding: Call netif_carrier_off after register_netdevice
bonding: Incorrect TX queue offset
net_sched: fix ip_tos2prio
xfrm: fix __xfrm_route_forward()
be2net: Fix UDP packet detected status in RX compl
Phonet: fix aligned-mode pipe socket buffer header reserve
netxen: support for GbE port settings
...
Fix up conflicts in drivers/staging/brcm80211/brcmsmac/wl_mac80211.c
with the staging updates.
Diffstat (limited to 'security/selinux/hooks.c')
| -rw-r--r-- | security/selinux/hooks.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index d52a92507412..6475e1f0223e 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
| @@ -4346,7 +4346,7 @@ static void selinux_secmark_refcount_dec(void) | |||
| 4346 | static void selinux_req_classify_flow(const struct request_sock *req, | 4346 | static void selinux_req_classify_flow(const struct request_sock *req, |
| 4347 | struct flowi *fl) | 4347 | struct flowi *fl) |
| 4348 | { | 4348 | { |
| 4349 | fl->secid = req->secid; | 4349 | fl->flowi_secid = req->secid; |
| 4350 | } | 4350 | } |
| 4351 | 4351 | ||
| 4352 | static int selinux_tun_dev_create(void) | 4352 | static int selinux_tun_dev_create(void) |
| @@ -4695,6 +4695,7 @@ static int selinux_netlink_recv(struct sk_buff *skb, int capability) | |||
| 4695 | { | 4695 | { |
| 4696 | int err; | 4696 | int err; |
| 4697 | struct common_audit_data ad; | 4697 | struct common_audit_data ad; |
| 4698 | u32 sid; | ||
| 4698 | 4699 | ||
| 4699 | err = cap_netlink_recv(skb, capability); | 4700 | err = cap_netlink_recv(skb, capability); |
| 4700 | if (err) | 4701 | if (err) |
| @@ -4703,8 +4704,9 @@ static int selinux_netlink_recv(struct sk_buff *skb, int capability) | |||
| 4703 | COMMON_AUDIT_DATA_INIT(&ad, CAP); | 4704 | COMMON_AUDIT_DATA_INIT(&ad, CAP); |
| 4704 | ad.u.cap = capability; | 4705 | ad.u.cap = capability; |
| 4705 | 4706 | ||
| 4706 | return avc_has_perm(NETLINK_CB(skb).sid, NETLINK_CB(skb).sid, | 4707 | security_task_getsecid(current, &sid); |
| 4707 | SECCLASS_CAPABILITY, CAP_TO_MASK(capability), &ad); | 4708 | return avc_has_perm(sid, sid, SECCLASS_CAPABILITY, |
| 4709 | CAP_TO_MASK(capability), &ad); | ||
| 4708 | } | 4710 | } |
| 4709 | 4711 | ||
| 4710 | static int ipc_alloc_security(struct task_struct *task, | 4712 | static int ipc_alloc_security(struct task_struct *task, |