1 files changed, 44 insertions, 0 deletions
diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c
index a7f61d52f05c..9cd9b7c661ec 100644
--- a/security/selinux/ss/policydb.c
+++ b/security/selinux/ss/policydb.c
@@ -133,6 +133,16 @@ static struct policydb_compat_info policydb_compat[] = {
                .sym_num        = SYM_NUM,
                .ocon_num       = OCON_NUM,
        },
+        {
+                .version        = POLICYDB_VERSION_NEW_OBJECT_DEFAULTS,
+                .sym_num        = SYM_NUM,
+                .ocon_num       = OCON_NUM,
+        },
+        {
+                .version        = POLICYDB_VERSION_DEFAULT_TYPE,
+                .sym_num        = SYM_NUM,
+                .ocon_num       = OCON_NUM,
+        },
 };
 static struct policydb_compat_info *policydb_lookup_compat(int version)
@@ -1306,6 +1316,23 @@ static int class_read(struct policydb *p, struct hashtab *h, void *fp)
                        goto bad;
        }
+        if (p->policyvers >= POLICYDB_VERSION_NEW_OBJECT_DEFAULTS) {
+                rc = next_entry(buf, fp, sizeof(u32) * 3);
+                if (rc)
+                        goto bad;
+                cladatum->default_user = le32_to_cpu(buf[0]);
+                cladatum->default_role = le32_to_cpu(buf[1]);
+                cladatum->default_range = le32_to_cpu(buf[2]);
+        }
+        if (p->policyvers >= POLICYDB_VERSION_DEFAULT_TYPE) {
+                rc = next_entry(buf, fp, sizeof(u32) * 1);
+                if (rc)
+                        goto bad;
+                cladatum->default_type = le32_to_cpu(buf[0]);
+        }
        rc = hashtab_insert(h, key, cladatum);
        if (rc)
                goto bad;
@@ -2832,6 +2859,23 @@ static int class_write(void *vkey, void *datum, void *ptr)
        if (rc)
                return rc;
+        if (p->policyvers >= POLICYDB_VERSION_NEW_OBJECT_DEFAULTS) {
+                buf[0] = cpu_to_le32(cladatum->default_user);
+                buf[1] = cpu_to_le32(cladatum->default_role);
+                buf[2] = cpu_to_le32(cladatum->default_range);
+                rc = put_entry(buf, sizeof(uint32_t), 3, fp);
+                if (rc)
+                        return rc;
+        }
+        if (p->policyvers >= POLICYDB_VERSION_DEFAULT_TYPE) {
+                buf[0] = cpu_to_le32(cladatum->default_type);
+                rc = put_entry(buf, sizeof(uint32_t), 1, fp);
+                if (rc)
+                        return rc;
+        }
        return 0;
 }

diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c index a7f61d52f05c..9cd9b7c661ec 100644 --- a/security/selinux/ss/policydb.c +++ b/security/selinux/ss/policydb.c
@@ -133,6 +133,16 @@ static struct policydb_compat_info policydb_compat[] = {
133	.sym_num = SYM_NUM,	133	.sym_num = SYM_NUM,
134	.ocon_num = OCON_NUM,	134	.ocon_num = OCON_NUM,
135	},	135	},
		136	{
		137	.version = POLICYDB_VERSION_NEW_OBJECT_DEFAULTS,
		138	.sym_num = SYM_NUM,
		139	.ocon_num = OCON_NUM,
		140	},
		141	{
		142	.version = POLICYDB_VERSION_DEFAULT_TYPE,
		143	.sym_num = SYM_NUM,
		144	.ocon_num = OCON_NUM,
		145	},
136	};	146	};
137		147
138	static struct policydb_compat_info *policydb_lookup_compat(int version)	148	static struct policydb_compat_info *policydb_lookup_compat(int version)
@@ -1306,6 +1316,23 @@ static int class_read(struct policydb p, struct hashtab h, void *fp)
1306	goto bad;	1316	goto bad;
1307	}	1317	}
1308		1318
		1319	if (p->policyvers >= POLICYDB_VERSION_NEW_OBJECT_DEFAULTS) {
		1320	rc = next_entry(buf, fp, sizeof(u32) * 3);
		1321	if (rc)
		1322	goto bad;
		1323
		1324	cladatum->default_user = le32_to_cpu(buf[0]);
		1325	cladatum->default_role = le32_to_cpu(buf[1]);
		1326	cladatum->default_range = le32_to_cpu(buf[2]);
		1327	}
		1328
		1329	if (p->policyvers >= POLICYDB_VERSION_DEFAULT_TYPE) {
		1330	rc = next_entry(buf, fp, sizeof(u32) * 1);
		1331	if (rc)
		1332	goto bad;
		1333	cladatum->default_type = le32_to_cpu(buf[0]);
		1334	}
		1335
1309	rc = hashtab_insert(h, key, cladatum);	1336	rc = hashtab_insert(h, key, cladatum);
1310	if (rc)	1337	if (rc)
1311	goto bad;	1338	goto bad;
@@ -2832,6 +2859,23 @@ static int class_write(void vkey, void datum, void *ptr)
2832	if (rc)	2859	if (rc)
2833	return rc;	2860	return rc;
2834		2861
		2862	if (p->policyvers >= POLICYDB_VERSION_NEW_OBJECT_DEFAULTS) {
		2863	buf[0] = cpu_to_le32(cladatum->default_user);
		2864	buf[1] = cpu_to_le32(cladatum->default_role);
		2865	buf[2] = cpu_to_le32(cladatum->default_range);
		2866
		2867	rc = put_entry(buf, sizeof(uint32_t), 3, fp);
		2868	if (rc)
		2869	return rc;
		2870	}
		2871
		2872	if (p->policyvers >= POLICYDB_VERSION_DEFAULT_TYPE) {
		2873	buf[0] = cpu_to_le32(cladatum->default_type);
		2874	rc = put_entry(buf, sizeof(uint32_t), 1, fp);
		2875	if (rc)
		2876	return rc;
		2877	}
		2878
2835	return 0;	2879	return 0;
2836	}	2880	}
2837		2881