diff options
| -rw-r--r-- | security/selinux/ss/services.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index deeec6c013ae..cad5765ca1cb 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c | |||
| @@ -479,7 +479,7 @@ static int context_struct_compute_av(struct context *scontext, | |||
| 479 | if ((constraint->permissions & (avd->allowed)) && | 479 | if ((constraint->permissions & (avd->allowed)) && |
| 480 | !constraint_expr_eval(scontext, tcontext, NULL, | 480 | !constraint_expr_eval(scontext, tcontext, NULL, |
| 481 | constraint->expr)) { | 481 | constraint->expr)) { |
| 482 | avd->allowed = (avd->allowed) & ~(constraint->permissions); | 482 | avd->allowed &= ~(constraint->permissions); |
| 483 | } | 483 | } |
| 484 | constraint = constraint->next; | 484 | constraint = constraint->next; |
| 485 | } | 485 | } |
| @@ -498,8 +498,8 @@ static int context_struct_compute_av(struct context *scontext, | |||
| 498 | break; | 498 | break; |
| 499 | } | 499 | } |
| 500 | if (!ra) | 500 | if (!ra) |
| 501 | avd->allowed = (avd->allowed) & ~(PROCESS__TRANSITION | | 501 | avd->allowed &= ~(PROCESS__TRANSITION | |
| 502 | PROCESS__DYNTRANSITION); | 502 | PROCESS__DYNTRANSITION); |
| 503 | } | 503 | } |
| 504 | 504 | ||
| 505 | /* | 505 | /* |