aboutsummaryrefslogtreecommitdiffstats
path: root/security/selinux
diff options
context:
space:
mode:
authorPaul Moore <paul.moore@hp.com>2008-04-12 22:06:42 -0400
committerDavid S. Miller <davem@davemloft.net>2008-04-12 22:06:42 -0400
commit00447872a643787411c2c0cb1df6169dda8b0c47 (patch)
treeea4215f6f3040507b46bf90fe133ca73a59c9c0e /security/selinux
parentb9f3124f08fffe2ad706fd164f6702fdca409a91 (diff)
NetLabel: Allow passing the LSM domain as a shared pointer
Smack doesn't have the need to create a private copy of the LSM "domain" when setting NetLabel security attributes like SELinux, however, the current NetLabel code requires a private copy of the LSM "domain". This patches fixes that by letting the LSM determine how it wants to pass the domain value. * NETLBL_SECATTR_DOMAIN_CPY The current behavior, NetLabel assumes that the domain value is a copy and frees it when done * NETLBL_SECATTR_DOMAIN New, Smack-friendly behavior, NetLabel assumes that the domain value is a reference to a string managed by the LSM and does not free it when done Signed-off-by: Paul Moore <paul.moore@hp.com> Acked-by: James Morris <jmorris@namei.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'security/selinux')
-rw-r--r--security/selinux/ss/services.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index f37418601215..47295acd09c9 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -2649,7 +2649,7 @@ int security_netlbl_sid_to_secattr(u32 sid, struct netlbl_lsm_secattr *secattr)
2649 goto netlbl_sid_to_secattr_failure; 2649 goto netlbl_sid_to_secattr_failure;
2650 secattr->domain = kstrdup(policydb.p_type_val_to_name[ctx->type - 1], 2650 secattr->domain = kstrdup(policydb.p_type_val_to_name[ctx->type - 1],
2651 GFP_ATOMIC); 2651 GFP_ATOMIC);
2652 secattr->flags |= NETLBL_SECATTR_DOMAIN; 2652 secattr->flags |= NETLBL_SECATTR_DOMAIN_CPY;
2653 mls_export_netlbl_lvl(ctx, secattr); 2653 mls_export_netlbl_lvl(ctx, secattr);
2654 rc = mls_export_netlbl_cat(ctx, secattr); 2654 rc = mls_export_netlbl_cat(ctx, secattr);
2655 if (rc != 0) 2655 if (rc != 0)