diff options
Diffstat (limited to 'security/selinux/netlabel.c')
| -rw-r--r-- | security/selinux/netlabel.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/security/selinux/netlabel.c b/security/selinux/netlabel.c index e64eca246f1a..ed9155b29c1a 100644 --- a/security/selinux/netlabel.c +++ b/security/selinux/netlabel.c | |||
| @@ -155,6 +155,11 @@ int selinux_netlbl_skbuff_getsid(struct sk_buff *skb, u32 base_sid, u32 *sid) | |||
| 155 | int rc; | 155 | int rc; |
| 156 | struct netlbl_lsm_secattr secattr; | 156 | struct netlbl_lsm_secattr secattr; |
| 157 | 157 | ||
| 158 | if (!netlbl_enabled()) { | ||
| 159 | *sid = SECSID_NULL; | ||
| 160 | return 0; | ||
| 161 | } | ||
| 162 | |||
| 158 | netlbl_secattr_init(&secattr); | 163 | netlbl_secattr_init(&secattr); |
| 159 | rc = netlbl_skbuff_getattr(skb, &secattr); | 164 | rc = netlbl_skbuff_getattr(skb, &secattr); |
| 160 | if (rc == 0 && secattr.flags != NETLBL_SECATTR_NONE) | 165 | if (rc == 0 && secattr.flags != NETLBL_SECATTR_NONE) |
| @@ -298,6 +303,9 @@ int selinux_netlbl_sock_rcv_skb(struct sk_security_struct *sksec, | |||
| 298 | u32 netlbl_sid; | 303 | u32 netlbl_sid; |
| 299 | u32 recv_perm; | 304 | u32 recv_perm; |
| 300 | 305 | ||
| 306 | if (!netlbl_enabled()) | ||
| 307 | return 0; | ||
| 308 | |||
| 301 | rc = selinux_netlbl_skbuff_getsid(skb, | 309 | rc = selinux_netlbl_skbuff_getsid(skb, |
| 302 | SECINITSID_UNLABELED, | 310 | SECINITSID_UNLABELED, |
| 303 | &netlbl_sid); | 311 | &netlbl_sid); |