aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorJeremy Erickson <jerickso@cs.unc.edu>2014-04-11 13:24:45 -0400
committerJeremy Erickson <jerickso@cs.unc.edu>2014-04-11 13:24:45 -0400
commit438145c7ef5c9445f25bb8fc4d52e2c9d11fdc7c (patch)
tree76941991e36f4a32bf1be0db3854959053f24619 /security
parent9ddd1b8ad8abd321964b8add5581910de6d67c2a (diff)
Update from 2.6.36 to 2.6.36.4wip-dissipation-jerickso
Diffstat (limited to 'security')
-rw-r--r--security/integrity/ima/ima_policy.c2
-rw-r--r--security/keys/request_key.c1
-rw-r--r--security/selinux/hooks.c5
-rw-r--r--security/selinux/nlmsgtab.c2
4 files changed, 8 insertions, 2 deletions
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
index aef8c0a923ab..d661afbe474c 100644
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -253,6 +253,8 @@ static int ima_lsm_rule_init(struct ima_measure_rule_entry *entry,
253 result = security_filter_rule_init(entry->lsm[lsm_rule].type, 253 result = security_filter_rule_init(entry->lsm[lsm_rule].type,
254 Audit_equal, args, 254 Audit_equal, args,
255 &entry->lsm[lsm_rule].rule); 255 &entry->lsm[lsm_rule].rule);
256 if (!entry->lsm[lsm_rule].rule)
257 return -EINVAL;
256 return result; 258 return result;
257} 259}
258 260
diff --git a/security/keys/request_key.c b/security/keys/request_key.c
index 0088dd8bf68a..0ea52d25a6bd 100644
--- a/security/keys/request_key.c
+++ b/security/keys/request_key.c
@@ -403,7 +403,6 @@ link_check_failed:
403 return ret; 403 return ret;
404 404
405link_prealloc_failed: 405link_prealloc_failed:
406 up_write(&dest_keyring->sem);
407 mutex_unlock(&user->cons_lock); 406 mutex_unlock(&user->cons_lock);
408 kleave(" = %d [prelink]", ret); 407 kleave(" = %d [prelink]", ret);
409 return ret; 408 return ret;
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 4796ddd4e721..a6238281186a 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -2529,7 +2529,10 @@ static int selinux_inode_init_security(struct inode *inode, struct inode *dir,
2529 sid = tsec->sid; 2529 sid = tsec->sid;
2530 newsid = tsec->create_sid; 2530 newsid = tsec->create_sid;
2531 2531
2532 if (!newsid || !(sbsec->flags & SE_SBLABELSUPP)) { 2532 if ((sbsec->flags & SE_SBINITIALIZED) &&
2533 (sbsec->behavior == SECURITY_FS_USE_MNTPOINT))
2534 newsid = sbsec->mntpoint_sid;
2535 else if (!newsid || !(sbsec->flags & SE_SBLABELSUPP)) {
2533 rc = security_transition_sid(sid, dsec->sid, 2536 rc = security_transition_sid(sid, dsec->sid,
2534 inode_mode_to_security_class(inode->i_mode), 2537 inode_mode_to_security_class(inode->i_mode),
2535 &newsid); 2538 &newsid);
diff --git a/security/selinux/nlmsgtab.c b/security/selinux/nlmsgtab.c
index 75ec0c6ebacd..8b02b2137da2 100644
--- a/security/selinux/nlmsgtab.c
+++ b/security/selinux/nlmsgtab.c
@@ -65,6 +65,8 @@ static struct nlmsg_perm nlmsg_route_perms[] =
65 { RTM_NEWADDRLABEL, NETLINK_ROUTE_SOCKET__NLMSG_WRITE }, 65 { RTM_NEWADDRLABEL, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
66 { RTM_DELADDRLABEL, NETLINK_ROUTE_SOCKET__NLMSG_WRITE }, 66 { RTM_DELADDRLABEL, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
67 { RTM_GETADDRLABEL, NETLINK_ROUTE_SOCKET__NLMSG_READ }, 67 { RTM_GETADDRLABEL, NETLINK_ROUTE_SOCKET__NLMSG_READ },
68 { RTM_GETDCB, NETLINK_ROUTE_SOCKET__NLMSG_READ },
69 { RTM_SETDCB, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
68}; 70};
69 71
70static struct nlmsg_perm nlmsg_firewall_perms[] = 72static struct nlmsg_perm nlmsg_firewall_perms[] =