aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--security/selinux/hooks.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index ac7f2b2e3924..28832e689800 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -1532,8 +1532,9 @@ static int selinux_bprm_set_security(struct linux_binprm *bprm)
1532 /* Default to the current task SID. */ 1532 /* Default to the current task SID. */
1533 bsec->sid = tsec->sid; 1533 bsec->sid = tsec->sid;
1534 1534
1535 /* Reset create and sockcreate SID on execve. */ 1535 /* Reset fs, key, and sock SIDs on execve. */
1536 tsec->create_sid = 0; 1536 tsec->create_sid = 0;
1537 tsec->keycreate_sid = 0;
1537 tsec->sockcreate_sid = 0; 1538 tsec->sockcreate_sid = 0;
1538 1539
1539 if (tsec->exec_sid) { 1540 if (tsec->exec_sid) {
@@ -2586,9 +2587,10 @@ static int selinux_task_alloc_security(struct task_struct *tsk)
2586 tsec2->osid = tsec1->osid; 2587 tsec2->osid = tsec1->osid;
2587 tsec2->sid = tsec1->sid; 2588 tsec2->sid = tsec1->sid;
2588 2589
2589 /* Retain the exec, create, and sock SIDs across fork */ 2590 /* Retain the exec, fs, key, and sock SIDs across fork */
2590 tsec2->exec_sid = tsec1->exec_sid; 2591 tsec2->exec_sid = tsec1->exec_sid;
2591 tsec2->create_sid = tsec1->create_sid; 2592 tsec2->create_sid = tsec1->create_sid;
2593 tsec2->keycreate_sid = tsec1->keycreate_sid;
2592 tsec2->sockcreate_sid = tsec1->sockcreate_sid; 2594 tsec2->sockcreate_sid = tsec1->sockcreate_sid;
2593 2595
2594 /* Retain ptracer SID across fork, if any. 2596 /* Retain ptracer SID across fork, if any.