diff options
| author | Kevin Hilman <khilman@linaro.org> | 2013-10-14 18:46:26 -0400 |
|---|---|---|
| committer | Kevin Hilman <khilman@linaro.org> | 2013-10-14 18:46:42 -0400 |
| commit | 5b5bbc20fdddd7dd5a2c5b9fa85dfb3b5695616d (patch) | |
| tree | 5ddd89d323e1dfe6a5ad204c34882e961ee57b9c /security/selinux/hooks.c | |
| parent | 4fd0376356ed2e1f6c2a4e8628782aedf903292e (diff) | |
| parent | 9e490f486ea9ce7644be913e03ee5ccdf1be20f7 (diff) | |
Merge tag 'omap-for-v3.13/board-signed' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap into next/boards
From Tony Lindgren:
Platform data changes for omaps for the display subsystem and
n900 secure mode changes. Note that the n900 secure mode changes
will still be needed for device tree based booting also.
* tag 'omap-for-v3.13/board-signed' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap: (508 commits)
ARM: OMAP2+: display: Create omap_vout device inside omap_display_init
ARM: OMAP2+: display: Create omapvrfb and omapfb devices inside omap_display_init
ARM: OMAP2+: display: Create omapdrm device inside omap_display_init
ARM: OMAP2+: drm: Don't build device for DMM
RX-51: Add support for OMAP3 ROM Random Number Generator
ARM: OMAP3: RX-51: ARM errata 430973 workaround
ARM: OMAP3: Add secure function omap_smc3() which calling instruction smc #1
+Linux 3.12-rc4
Signed-off-by: Kevin Hilman <khilman@linaro.org>
Diffstat (limited to 'security/selinux/hooks.c')
| -rw-r--r-- | security/selinux/hooks.c | 15 |
1 files changed, 7 insertions, 8 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index a5091ec06aa6..5b5231068516 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
| @@ -1502,7 +1502,7 @@ static int cred_has_capability(const struct cred *cred, | |||
| 1502 | 1502 | ||
| 1503 | rc = avc_has_perm_noaudit(sid, sid, sclass, av, 0, &avd); | 1503 | rc = avc_has_perm_noaudit(sid, sid, sclass, av, 0, &avd); |
| 1504 | if (audit == SECURITY_CAP_AUDIT) { | 1504 | if (audit == SECURITY_CAP_AUDIT) { |
| 1505 | int rc2 = avc_audit(sid, sid, sclass, av, &avd, rc, &ad, 0); | 1505 | int rc2 = avc_audit(sid, sid, sclass, av, &avd, rc, &ad); |
| 1506 | if (rc2) | 1506 | if (rc2) |
| 1507 | return rc2; | 1507 | return rc2; |
| 1508 | } | 1508 | } |
| @@ -1525,8 +1525,7 @@ static int task_has_system(struct task_struct *tsk, | |||
| 1525 | static int inode_has_perm(const struct cred *cred, | 1525 | static int inode_has_perm(const struct cred *cred, |
| 1526 | struct inode *inode, | 1526 | struct inode *inode, |
| 1527 | u32 perms, | 1527 | u32 perms, |
| 1528 | struct common_audit_data *adp, | 1528 | struct common_audit_data *adp) |
| 1529 | unsigned flags) | ||
| 1530 | { | 1529 | { |
| 1531 | struct inode_security_struct *isec; | 1530 | struct inode_security_struct *isec; |
| 1532 | u32 sid; | 1531 | u32 sid; |
| @@ -1539,7 +1538,7 @@ static int inode_has_perm(const struct cred *cred, | |||
| 1539 | sid = cred_sid(cred); | 1538 | sid = cred_sid(cred); |
| 1540 | isec = inode->i_security; | 1539 | isec = inode->i_security; |
| 1541 | 1540 | ||
| 1542 | return avc_has_perm_flags(sid, isec->sid, isec->sclass, perms, adp, flags); | 1541 | return avc_has_perm(sid, isec->sid, isec->sclass, perms, adp); |
| 1543 | } | 1542 | } |
| 1544 | 1543 | ||
| 1545 | /* Same as inode_has_perm, but pass explicit audit data containing | 1544 | /* Same as inode_has_perm, but pass explicit audit data containing |
| @@ -1554,7 +1553,7 @@ static inline int dentry_has_perm(const struct cred *cred, | |||
| 1554 | 1553 | ||
| 1555 | ad.type = LSM_AUDIT_DATA_DENTRY; | 1554 | ad.type = LSM_AUDIT_DATA_DENTRY; |
| 1556 | ad.u.dentry = dentry; | 1555 | ad.u.dentry = dentry; |
| 1557 | return inode_has_perm(cred, inode, av, &ad, 0); | 1556 | return inode_has_perm(cred, inode, av, &ad); |
| 1558 | } | 1557 | } |
| 1559 | 1558 | ||
| 1560 | /* Same as inode_has_perm, but pass explicit audit data containing | 1559 | /* Same as inode_has_perm, but pass explicit audit data containing |
| @@ -1569,7 +1568,7 @@ static inline int path_has_perm(const struct cred *cred, | |||
| 1569 | 1568 | ||
| 1570 | ad.type = LSM_AUDIT_DATA_PATH; | 1569 | ad.type = LSM_AUDIT_DATA_PATH; |
| 1571 | ad.u.path = *path; | 1570 | ad.u.path = *path; |
| 1572 | return inode_has_perm(cred, inode, av, &ad, 0); | 1571 | return inode_has_perm(cred, inode, av, &ad); |
| 1573 | } | 1572 | } |
| 1574 | 1573 | ||
| 1575 | /* Same as path_has_perm, but uses the inode from the file struct. */ | 1574 | /* Same as path_has_perm, but uses the inode from the file struct. */ |
| @@ -1581,7 +1580,7 @@ static inline int file_path_has_perm(const struct cred *cred, | |||
| 1581 | 1580 | ||
| 1582 | ad.type = LSM_AUDIT_DATA_PATH; | 1581 | ad.type = LSM_AUDIT_DATA_PATH; |
| 1583 | ad.u.path = file->f_path; | 1582 | ad.u.path = file->f_path; |
| 1584 | return inode_has_perm(cred, file_inode(file), av, &ad, 0); | 1583 | return inode_has_perm(cred, file_inode(file), av, &ad); |
| 1585 | } | 1584 | } |
| 1586 | 1585 | ||
| 1587 | /* Check whether a task can use an open file descriptor to | 1586 | /* Check whether a task can use an open file descriptor to |
| @@ -1617,7 +1616,7 @@ static int file_has_perm(const struct cred *cred, | |||
| 1617 | /* av is zero if only checking access to the descriptor. */ | 1616 | /* av is zero if only checking access to the descriptor. */ |
| 1618 | rc = 0; | 1617 | rc = 0; |
| 1619 | if (av) | 1618 | if (av) |
| 1620 | rc = inode_has_perm(cred, inode, av, &ad, 0); | 1619 | rc = inode_has_perm(cred, inode, av, &ad); |
| 1621 | 1620 | ||
| 1622 | out: | 1621 | out: |
| 1623 | return rc; | 1622 | return rc; |