diff options
Diffstat (limited to 'security')
-rw-r--r-- | security/selinux/hooks.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index b6c378dd4f12..b85afcf38527 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
@@ -69,6 +69,7 @@ | |||
69 | #include <linux/sysctl.h> | 69 | #include <linux/sysctl.h> |
70 | #include <linux/audit.h> | 70 | #include <linux/audit.h> |
71 | #include <linux/string.h> | 71 | #include <linux/string.h> |
72 | #include <linux/selinux.h> | ||
72 | 73 | ||
73 | #include "avc.h" | 74 | #include "avc.h" |
74 | #include "objsec.h" | 75 | #include "objsec.h" |
@@ -3420,7 +3421,13 @@ out: | |||
3420 | static int selinux_socket_getpeersec_dgram(struct sk_buff *skb, char **secdata, u32 *seclen) | 3421 | static int selinux_socket_getpeersec_dgram(struct sk_buff *skb, char **secdata, u32 *seclen) |
3421 | { | 3422 | { |
3422 | int err = 0; | 3423 | int err = 0; |
3423 | u32 peer_sid = selinux_socket_getpeer_dgram(skb); | 3424 | u32 peer_sid; |
3425 | |||
3426 | if (skb->sk->sk_family == PF_UNIX) | ||
3427 | selinux_get_inode_sid(SOCK_INODE(skb->sk->sk_socket), | ||
3428 | &peer_sid); | ||
3429 | else | ||
3430 | peer_sid = selinux_socket_getpeer_dgram(skb); | ||
3424 | 3431 | ||
3425 | if (peer_sid == SECSID_NULL) | 3432 | if (peer_sid == SECSID_NULL) |
3426 | return -EINVAL; | 3433 | return -EINVAL; |
@@ -3432,8 +3439,6 @@ static int selinux_socket_getpeersec_dgram(struct sk_buff *skb, char **secdata, | |||
3432 | return 0; | 3439 | return 0; |
3433 | } | 3440 | } |
3434 | 3441 | ||
3435 | |||
3436 | |||
3437 | static int selinux_sk_alloc_security(struct sock *sk, int family, gfp_t priority) | 3442 | static int selinux_sk_alloc_security(struct sock *sk, int family, gfp_t priority) |
3438 | { | 3443 | { |
3439 | return sk_alloc_security(sk, family, priority); | 3444 | return sk_alloc_security(sk, family, priority); |