aboutsummaryrefslogtreecommitdiffstats
path: root/security/selinux
diff options
context:
space:
mode:
authorPaul Moore <pmoore@redhat.com>2015-02-17 15:30:23 -0500
committerPaul Moore <pmoore@redhat.com>2015-04-06 20:15:55 -0400
commitda8026fa0f9154b1c571c4d160dd51a7b8c34495 (patch)
tree494595cd52c3506580be0f1f08bbe20069fd6f71 /security/selinux
parent83d4a806ae46397f606de7376b831524bd3a21e5 (diff)
selinux: reconcile security_netlbl_secattr_to_sid() and mls_import_netlbl_cat()
Move the NetLabel secattr MLS category import logic into mls_import_netlbl_cat() where it belongs, and use the mls_import_netlbl_cat() function in security_netlbl_secattr_to_sid(). Reported-by: Rickard Strandqvist <rickard_strandqvist@spectrumdigital.se> Signed-off-by: Paul Moore <pmoore@redhat.com>
Diffstat (limited to 'security/selinux')
-rw-r--r--security/selinux/ss/mls.c10
-rw-r--r--security/selinux/ss/services.c6
2 files changed, 4 insertions, 12 deletions
diff --git a/security/selinux/ss/mls.c b/security/selinux/ss/mls.c
index d307b37ddc2b..e1088842232c 100644
--- a/security/selinux/ss/mls.c
+++ b/security/selinux/ss/mls.c
@@ -654,19 +654,15 @@ int mls_import_netlbl_cat(struct context *context,
654 654
655 rc = ebitmap_netlbl_import(&context->range.level[0].cat, 655 rc = ebitmap_netlbl_import(&context->range.level[0].cat,
656 secattr->attr.mls.cat); 656 secattr->attr.mls.cat);
657 if (rc != 0) 657 if (rc)
658 goto import_netlbl_cat_failure;
659
660 rc = ebitmap_cpy(&context->range.level[1].cat,
661 &context->range.level[0].cat);
662 if (rc != 0)
663 goto import_netlbl_cat_failure; 658 goto import_netlbl_cat_failure;
659 memcpy(&context->range.level[1].cat, &context->range.level[0].cat,
660 sizeof(context->range.level[0].cat));
664 661
665 return 0; 662 return 0;
666 663
667import_netlbl_cat_failure: 664import_netlbl_cat_failure:
668 ebitmap_destroy(&context->range.level[0].cat); 665 ebitmap_destroy(&context->range.level[0].cat);
669 ebitmap_destroy(&context->range.level[1].cat);
670 return rc; 666 return rc;
671} 667}
672#endif /* CONFIG_NETLABEL */ 668#endif /* CONFIG_NETLABEL */
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index a1d3944751b9..9e2d82070915 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -3179,13 +3179,9 @@ int security_netlbl_secattr_to_sid(struct netlbl_lsm_secattr *secattr,
3179 ctx_new.type = ctx->type; 3179 ctx_new.type = ctx->type;
3180 mls_import_netlbl_lvl(&ctx_new, secattr); 3180 mls_import_netlbl_lvl(&ctx_new, secattr);
3181 if (secattr->flags & NETLBL_SECATTR_MLS_CAT) { 3181 if (secattr->flags & NETLBL_SECATTR_MLS_CAT) {
3182 rc = ebitmap_netlbl_import(&ctx_new.range.level[0].cat, 3182 rc = mls_import_netlbl_cat(&ctx_new, secattr);
3183 secattr->attr.mls.cat);
3184 if (rc) 3183 if (rc)
3185 goto out; 3184 goto out;
3186 memcpy(&ctx_new.range.level[1].cat,
3187 &ctx_new.range.level[0].cat,
3188 sizeof(ctx_new.range.level[0].cat));
3189 } 3185 }
3190 rc = -EIDRM; 3186 rc = -EIDRM;
3191 if (!mls_context_isvalid(&policydb, &ctx_new)) 3187 if (!mls_context_isvalid(&policydb, &ctx_new))
generated by cgit v1.2.2 (git 2.25.0) at 2024-11-21 10:25:13 -0500