diff options
Diffstat (limited to 'security/selinux')
| -rw-r--r-- | security/selinux/exports.c | 8 | ||||
| -rw-r--r-- | security/selinux/xfrm.c | 6 |
2 files changed, 9 insertions, 5 deletions
diff --git a/security/selinux/exports.c b/security/selinux/exports.c index cf02490cd1eb..c73aeaa008e8 100644 --- a/security/selinux/exports.c +++ b/security/selinux/exports.c | |||
| @@ -39,9 +39,13 @@ EXPORT_SYMBOL_GPL(selinux_string_to_sid); | |||
| 39 | int selinux_secmark_relabel_packet_permission(u32 sid) | 39 | int selinux_secmark_relabel_packet_permission(u32 sid) |
| 40 | { | 40 | { |
| 41 | if (selinux_enabled) { | 41 | if (selinux_enabled) { |
| 42 | struct task_security_struct *tsec = current->cred->security; | 42 | const struct task_security_struct *__tsec; |
| 43 | u32 tsid; | ||
| 43 | 44 | ||
| 44 | return avc_has_perm(tsec->sid, sid, SECCLASS_PACKET, | 45 | __tsec = current_security(); |
| 46 | tsid = __tsec->sid; | ||
| 47 | |||
| 48 | return avc_has_perm(tsid, sid, SECCLASS_PACKET, | ||
| 45 | PACKET__RELABELTO, NULL); | 49 | PACKET__RELABELTO, NULL); |
| 46 | } | 50 | } |
| 47 | return 0; | 51 | return 0; |
diff --git a/security/selinux/xfrm.c b/security/selinux/xfrm.c index d7db76617b0e..c0eb72013d67 100644 --- a/security/selinux/xfrm.c +++ b/security/selinux/xfrm.c | |||
| @@ -197,7 +197,7 @@ static int selinux_xfrm_sec_ctx_alloc(struct xfrm_sec_ctx **ctxp, | |||
| 197 | struct xfrm_user_sec_ctx *uctx, u32 sid) | 197 | struct xfrm_user_sec_ctx *uctx, u32 sid) |
| 198 | { | 198 | { |
| 199 | int rc = 0; | 199 | int rc = 0; |
| 200 | struct task_security_struct *tsec = current->cred->security; | 200 | const struct task_security_struct *tsec = current_security(); |
| 201 | struct xfrm_sec_ctx *ctx = NULL; | 201 | struct xfrm_sec_ctx *ctx = NULL; |
| 202 | char *ctx_str = NULL; | 202 | char *ctx_str = NULL; |
| 203 | u32 str_len; | 203 | u32 str_len; |
| @@ -333,7 +333,7 @@ void selinux_xfrm_policy_free(struct xfrm_sec_ctx *ctx) | |||
| 333 | */ | 333 | */ |
| 334 | int selinux_xfrm_policy_delete(struct xfrm_sec_ctx *ctx) | 334 | int selinux_xfrm_policy_delete(struct xfrm_sec_ctx *ctx) |
| 335 | { | 335 | { |
| 336 | struct task_security_struct *tsec = current->cred->security; | 336 | const struct task_security_struct *tsec = current_security(); |
| 337 | int rc = 0; | 337 | int rc = 0; |
| 338 | 338 | ||
| 339 | if (ctx) { | 339 | if (ctx) { |
| @@ -378,7 +378,7 @@ void selinux_xfrm_state_free(struct xfrm_state *x) | |||
| 378 | */ | 378 | */ |
| 379 | int selinux_xfrm_state_delete(struct xfrm_state *x) | 379 | int selinux_xfrm_state_delete(struct xfrm_state *x) |
| 380 | { | 380 | { |
| 381 | struct task_security_struct *tsec = current->cred->security; | 381 | const struct task_security_struct *tsec = current_security(); |
| 382 | struct xfrm_sec_ctx *ctx = x->security; | 382 | struct xfrm_sec_ctx *ctx = x->security; |
| 383 | int rc = 0; | 383 | int rc = 0; |
| 384 | 384 | ||