aboutsummaryrefslogtreecommitdiffstats
path: root/security/selinux/hooks.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/selinux/hooks.c')
-rw-r--r--security/selinux/hooks.c8
1 files changed, 5 insertions, 3 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 419491d8e7d2..6625699f497c 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -4334,8 +4334,10 @@ static int selinux_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb)
4334 } 4334 }
4335 err = avc_has_perm(sk_sid, peer_sid, SECCLASS_PEER, 4335 err = avc_has_perm(sk_sid, peer_sid, SECCLASS_PEER,
4336 PEER__RECV, &ad); 4336 PEER__RECV, &ad);
4337 if (err) 4337 if (err) {
4338 selinux_netlbl_err(skb, err, 0); 4338 selinux_netlbl_err(skb, err, 0);
4339 return err;
4340 }
4339 } 4341 }
4340 4342
4341 if (secmark_active) { 4343 if (secmark_active) {
@@ -5586,11 +5588,11 @@ static int selinux_setprocattr(struct task_struct *p,
5586 /* Check for ptracing, and update the task SID if ok. 5588 /* Check for ptracing, and update the task SID if ok.
5587 Otherwise, leave SID unchanged and fail. */ 5589 Otherwise, leave SID unchanged and fail. */
5588 ptsid = 0; 5590 ptsid = 0;
5589 task_lock(p); 5591 rcu_read_lock();
5590 tracer = ptrace_parent(p); 5592 tracer = ptrace_parent(p);
5591 if (tracer) 5593 if (tracer)
5592 ptsid = task_sid(tracer); 5594 ptsid = task_sid(tracer);
5593 task_unlock(p); 5595 rcu_read_unlock();
5594 5596
5595 if (tracer) { 5597 if (tracer) {
5596 error = avc_has_perm(ptsid, sid, SECCLASS_PROCESS, 5598 error = avc_has_perm(ptsid, sid, SECCLASS_PROCESS,
generated by cgit v1.2.2 (git 2.25.0) at 2025-09-11 23:38:48 -0400