1 files changed, 30 insertions, 2 deletions
diff --git a/security/selinux/ss/mls.c b/security/selinux/ss/mls.c
index 640d0bfdbc68..7bc5b6440f70 100644
--- a/security/selinux/ss/mls.c
+++ b/security/selinux/ss/mls.c
@@ -8,7 +8,7 @@
 *
 *      Support for enhanced MLS infrastructure.
 *
- * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc.
+ * Copyright (C) 2004-2006 Trusted Computer Solutions, Inc.
 */
 #include <linux/kernel.h>
@@ -264,7 +264,7 @@ int mls_context_to_sid(char oldc,
        if (!selinux_mls_enabled) {
                if (def_sid != SECSID_NULL && oldc)
-                        *scontext += strlen(*scontext);
+                        *scontext += strlen(*scontext)+1;
                return 0;
        }
@@ -385,6 +385,34 @@ out:
 }
 /*
+ * Set the MLS fields in the security context structure
+ * `context' based on the string representation in
+ * the string `str'.  This function will allocate temporary memory with the
+ * given constraints of gfp_mask.
+ */
+int mls_from_string(char *str, struct context *context, gfp_t gfp_mask)
+{
+        char *tmpstr, *freestr;
+        int rc;
+        if (!selinux_mls_enabled)
+                return -EINVAL;
+        /* we need freestr because mls_context_to_sid will change
+           the value of tmpstr */
+        tmpstr = freestr = kstrdup(str, gfp_mask);
+        if (!tmpstr) {
+                rc = -ENOMEM;
+        } else {
+                rc = mls_context_to_sid(':', &tmpstr, context,
+                                        NULL, SECSID_NULL);
+                kfree(freestr);
+        }
+        return rc;
+}
+/*
 * Copies the effective MLS range from `src' into `dst'.
 */
 static inline int mls_scopy_context(struct context *dst,

diff --git a/security/selinux/ss/mls.c b/security/selinux/ss/mls.c index 640d0bfdbc68..7bc5b6440f70 100644 --- a/security/selinux/ss/mls.c +++ b/security/selinux/ss/mls.c
@@ -8,7 +8,7 @@
8	*	8	*
9	* Support for enhanced MLS infrastructure.	9	* Support for enhanced MLS infrastructure.
10	*	10	*
11	* Copyright (C) 2004-2005 Trusted Computer Solutions, Inc.	11	* Copyright (C) 2004-2006 Trusted Computer Solutions, Inc.
12	*/	12	*/
13		13
14	#include <linux/kernel.h>	14	#include <linux/kernel.h>
@@ -264,7 +264,7 @@ int mls_context_to_sid(char oldc,
264		264
265	if (!selinux_mls_enabled) {	265	if (!selinux_mls_enabled) {
266	if (def_sid != SECSID_NULL && oldc)	266	if (def_sid != SECSID_NULL && oldc)
267	scontext += strlen(scontext);	267	scontext += strlen(scontext)+1;
268	return 0;	268	return 0;
269	}	269	}
270		270
@@ -385,6 +385,34 @@ out:
385	}	385	}
386		386
387	/*	387	/*
		388	* Set the MLS fields in the security context structure
		389	* `context' based on the string representation in
		390	* the string `str'. This function will allocate temporary memory with the
		391	* given constraints of gfp_mask.
		392	*/
		393	int mls_from_string(char str, struct context context, gfp_t gfp_mask)
		394	{
		395	char tmpstr, freestr;
		396	int rc;
		397
		398	if (!selinux_mls_enabled)
		399	return -EINVAL;
		400
		401	/* we need freestr because mls_context_to_sid will change
		402	the value of tmpstr */
		403	tmpstr = freestr = kstrdup(str, gfp_mask);
		404	if (!tmpstr) {
		405	rc = -ENOMEM;
		406	} else {
		407	rc = mls_context_to_sid(':', &tmpstr, context,
		408	NULL, SECSID_NULL);
		409	kfree(freestr);
		410	}
		411
		412	return rc;
		413	}
		414
		415	/*
388	* Copies the effective MLS range from `src' into `dst'.	416	* Copies the effective MLS range from `src' into `dst'.
389	*/	417	*/
390	static inline int mls_scopy_context(struct context *dst,	418	static inline int mls_scopy_context(struct context *dst,