Update from 2.6.36 to 2.6.36.4wip-dissipation-jerickso

2 files changed, 6 insertions, 1 deletions

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 4796ddd4e721..a6238281186a 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -2529,7 +2529,10 @@ static int selinux_inode_init_security(struct inode *inode, struct inode *dir,
         sid = tsec->sid;
         newsid = tsec->create_sid;
 
-        if (!newsid || !(sbsec->flags & SE_SBLABELSUPP)) {
+        if ((sbsec->flags & SE_SBINITIALIZED) &&
+            (sbsec->behavior == SECURITY_FS_USE_MNTPOINT))
+                newsid = sbsec->mntpoint_sid;
+        else if (!newsid || !(sbsec->flags & SE_SBLABELSUPP)) {
                 rc = security_transition_sid(sid, dsec->sid,
                                              inode_mode_to_security_class(inode->i_mode),
                                              &newsid);
diff --git a/security/selinux/nlmsgtab.c b/security/selinux/nlmsgtab.c
index 75ec0c6ebacd..8b02b2137da2 100644
--- a/security/selinux/nlmsgtab.c
+++ b/security/selinux/nlmsgtab.c
@@ -65,6 +65,8 @@ static struct nlmsg_perm nlmsg_route_perms[] =
         { RTM_NEWADDRLABEL,     NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
         { RTM_DELADDRLABEL,     NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
         { RTM_GETADDRLABEL,     NETLINK_ROUTE_SOCKET__NLMSG_READ  },
+        { RTM_GETDCB,           NETLINK_ROUTE_SOCKET__NLMSG_READ  },
+        { RTM_SETDCB,           NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
 };
 
 static struct nlmsg_perm nlmsg_firewall_perms[] =