diff options
Diffstat (limited to 'security/selinux')
-rw-r--r-- | security/selinux/netlabel.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/security/selinux/netlabel.c b/security/selinux/netlabel.c index f58701a7b728..350794ab9b42 100644 --- a/security/selinux/netlabel.c +++ b/security/selinux/netlabel.c | |||
@@ -386,11 +386,12 @@ int selinux_netlbl_inode_permission(struct inode *inode, int mask) | |||
386 | if (!S_ISSOCK(inode->i_mode) || | 386 | if (!S_ISSOCK(inode->i_mode) || |
387 | ((mask & (MAY_WRITE | MAY_APPEND)) == 0)) | 387 | ((mask & (MAY_WRITE | MAY_APPEND)) == 0)) |
388 | return 0; | 388 | return 0; |
389 | |||
390 | sock = SOCKET_I(inode); | 389 | sock = SOCKET_I(inode); |
391 | sk = sock->sk; | 390 | sk = sock->sk; |
391 | if (sk == NULL) | ||
392 | return 0; | ||
392 | sksec = sk->sk_security; | 393 | sksec = sk->sk_security; |
393 | if (sksec->nlbl_state != NLBL_REQUIRE) | 394 | if (sksec == NULL || sksec->nlbl_state != NLBL_REQUIRE) |
394 | return 0; | 395 | return 0; |
395 | 396 | ||
396 | local_bh_disable(); | 397 | local_bh_disable(); |
@@ -490,8 +491,10 @@ int selinux_netlbl_socket_setsockopt(struct socket *sock, | |||
490 | lock_sock(sk); | 491 | lock_sock(sk); |
491 | rc = netlbl_sock_getattr(sk, &secattr); | 492 | rc = netlbl_sock_getattr(sk, &secattr); |
492 | release_sock(sk); | 493 | release_sock(sk); |
493 | if (rc == 0 && secattr.flags != NETLBL_SECATTR_NONE) | 494 | if (rc == 0) |
494 | rc = -EACCES; | 495 | rc = -EACCES; |
496 | else if (rc == -ENOMSG) | ||
497 | rc = 0; | ||
495 | netlbl_secattr_destroy(&secattr); | 498 | netlbl_secattr_destroy(&secattr); |
496 | } | 499 | } |
497 | 500 | ||