aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--security/selinux/ss/services.c20
1 files changed, 9 insertions, 11 deletions
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index 3e7544d2a07b..03f7a4748ee8 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -1484,17 +1484,15 @@ static int security_compute_sid(u32 ssid,
1484 tcontext->type, tclass, qstr); 1484 tcontext->type, tclass, qstr);
1485 1485
1486 /* Check for class-specific changes. */ 1486 /* Check for class-specific changes. */
1487 if (tclass == policydb.process_class) { 1487 if (specified & AVTAB_TRANSITION) {
1488 if (specified & AVTAB_TRANSITION) { 1488 /* Look for a role transition rule. */
1489 /* Look for a role transition rule. */ 1489 for (roletr = policydb.role_tr; roletr; roletr = roletr->next) {
1490 for (roletr = policydb.role_tr; roletr; 1490 if ((roletr->role == scontext->role) &&
1491 roletr = roletr->next) { 1491 (roletr->type == tcontext->type) &&
1492 if (roletr->role == scontext->role && 1492 (roletr->tclass == tclass)) {
1493 roletr->type == tcontext->type) { 1493 /* Use the role transition rule. */
1494 /* Use the role transition rule. */ 1494 newcontext.role = roletr->new_role;
1495 newcontext.role = roletr->new_role; 1495 break;
1496 break;
1497 }
1498 } 1496 }
1499 } 1497 }
1500 } 1498 }