diff options
-rw-r--r-- | security/selinux/hooks.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index ac7f2b2e3924..28832e689800 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
@@ -1532,8 +1532,9 @@ static int selinux_bprm_set_security(struct linux_binprm *bprm) | |||
1532 | /* Default to the current task SID. */ | 1532 | /* Default to the current task SID. */ |
1533 | bsec->sid = tsec->sid; | 1533 | bsec->sid = tsec->sid; |
1534 | 1534 | ||
1535 | /* Reset create and sockcreate SID on execve. */ | 1535 | /* Reset fs, key, and sock SIDs on execve. */ |
1536 | tsec->create_sid = 0; | 1536 | tsec->create_sid = 0; |
1537 | tsec->keycreate_sid = 0; | ||
1537 | tsec->sockcreate_sid = 0; | 1538 | tsec->sockcreate_sid = 0; |
1538 | 1539 | ||
1539 | if (tsec->exec_sid) { | 1540 | if (tsec->exec_sid) { |
@@ -2586,9 +2587,10 @@ static int selinux_task_alloc_security(struct task_struct *tsk) | |||
2586 | tsec2->osid = tsec1->osid; | 2587 | tsec2->osid = tsec1->osid; |
2587 | tsec2->sid = tsec1->sid; | 2588 | tsec2->sid = tsec1->sid; |
2588 | 2589 | ||
2589 | /* Retain the exec, create, and sock SIDs across fork */ | 2590 | /* Retain the exec, fs, key, and sock SIDs across fork */ |
2590 | tsec2->exec_sid = tsec1->exec_sid; | 2591 | tsec2->exec_sid = tsec1->exec_sid; |
2591 | tsec2->create_sid = tsec1->create_sid; | 2592 | tsec2->create_sid = tsec1->create_sid; |
2593 | tsec2->keycreate_sid = tsec1->keycreate_sid; | ||
2592 | tsec2->sockcreate_sid = tsec1->sockcreate_sid; | 2594 | tsec2->sockcreate_sid = tsec1->sockcreate_sid; |
2593 | 2595 | ||
2594 | /* Retain ptracer SID across fork, if any. | 2596 | /* Retain ptracer SID across fork, if any. |