1 files changed, 33 insertions, 18 deletions

diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index eefbd10e408f..8825375cc031 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -582,7 +582,7 @@ static void smack_inode_free_security(struct inode *inode)
  * Returns 0 if it all works out, -ENOMEM if there's no memory
  */
 static int smack_inode_init_security(struct inode *inode, struct inode *dir,
-                                     const struct qstr *qstr, char **name,
+                                     const struct qstr *qstr, const char **name,
                                      void **value, size_t *len)
 {
         struct inode_smack *issp = inode->i_security;
@@ -591,11 +591,8 @@ static int smack_inode_init_security(struct inode *inode, struct inode *dir,
         char *dsp = smk_of_inode(dir);
         int may;
 
-        if (name) {
-                *name = kstrdup(XATTR_SMACK_SUFFIX, GFP_NOFS);
-                if (*name == NULL)
-                        return -ENOMEM;
-        }
+        if (name)
+                *name = XATTR_SMACK_SUFFIX;
 
         if (value) {
                 rcu_read_lock();
@@ -3065,6 +3062,8 @@ static struct smack_known *smack_from_secattr(struct netlbl_lsm_secattr *sap,
 {
         struct smack_known *skp;
         int found = 0;
+        int acat;
+        int kcat;
 
         if ((sap->flags & NETLBL_SECATTR_MLS_LVL) != 0) {
                 /*
@@ -3081,12 +3080,28 @@ static struct smack_known *smack_from_secattr(struct netlbl_lsm_secattr *sap,
                 list_for_each_entry(skp, &smack_known_list, list) {
                         if (sap->attr.mls.lvl != skp->smk_netlabel.attr.mls.lvl)
                                 continue;
-                        if (memcmp(sap->attr.mls.cat,
-                                skp->smk_netlabel.attr.mls.cat,
-                                SMK_CIPSOLEN) != 0)
-                                continue;
-                        found = 1;
-                        break;
+                        /*
+                         * Compare the catsets. Use the netlbl APIs.
+                         */
+                        if ((sap->flags & NETLBL_SECATTR_MLS_CAT) == 0) {
+                                if ((skp->smk_netlabel.flags &
+                                     NETLBL_SECATTR_MLS_CAT) == 0)
+                                        found = 1;
+                                break;
+                        }
+                        for (acat = -1, kcat = -1; acat == kcat; ) {
+                                acat = netlbl_secattr_catmap_walk(
+                                        sap->attr.mls.cat, acat + 1);
+                                kcat = netlbl_secattr_catmap_walk(
+                                        skp->smk_netlabel.attr.mls.cat,
+                                        kcat + 1);
+                                if (acat < 0 || kcat < 0)
+                                        break;
+                        }
+                        if (acat == kcat) {
+                                found = 1;
+                                break;
+                        }
                 }
                 rcu_read_unlock();
 
@@ -3877,12 +3892,12 @@ static __init void init_smack_known_list(void)
         /*
          * Create the known labels list
          */
-        list_add(&smack_known_huh.list, &smack_known_list);
-        list_add(&smack_known_hat.list, &smack_known_list);
-        list_add(&smack_known_star.list, &smack_known_list);
-        list_add(&smack_known_floor.list, &smack_known_list);
-        list_add(&smack_known_invalid.list, &smack_known_list);
-        list_add(&smack_known_web.list, &smack_known_list);
+        smk_insert_entry(&smack_known_huh);
+        smk_insert_entry(&smack_known_hat);
+        smk_insert_entry(&smack_known_star);
+        smk_insert_entry(&smack_known_floor);
+        smk_insert_entry(&smack_known_invalid);
+        smk_insert_entry(&smack_known_web);
 }
 
 /**