diff options
author | Linus Torvalds <torvalds@ppc970.osdl.org> | 2005-03-31 21:30:25 -0800 |
---|---|---|
committer | Linus Torvalds <torvalds@ppc970.osdl.org> | 2005-03-31 21:30:25 -0800 |
commit | 2b55b78c26ba106c5caabd6a2529b8af749e4151 (patch) | |
tree | 93ac8e2d689a366dc909f73a2b8aa2ca2d426d1b | |
parent | 6a9a52cf8758e064c95bad4367f5ee9a7a852a37 (diff) | |
parent | 900cf636c1d2300b92ee3c015d4b9b453abe853c (diff) | |
download | history-2b55b78c26ba106c5caabd6a2529b8af749e4151.tar.gz |
Merge proper selinux i_sock fix.
-rw-r--r-- | security/selinux/hooks.c | 21 |
1 files changed, 3 insertions, 18 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index eeed2e32875378..8a2cc75b394859 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -877,18 +877,8 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent isec->initialized = 1; out: - if (S_ISSOCK(inode->i_mode)) { - struct socket *sock = SOCKET_I(inode); - if (sock->sk) { - isec->sclass = socket_type_to_security_class(sock->sk->sk_family, - sock->sk->sk_type, - sock->sk->sk_protocol); - } else { - isec->sclass = SECCLASS_SOCKET; - } - } else { + if (isec->sclass == SECCLASS_FILE) isec->sclass = inode_mode_to_security_class(inode->i_mode); - } if (hold_sem) up(&isec->sem); @@ -2979,18 +2969,15 @@ out: static void selinux_socket_post_create(struct socket *sock, int family, int type, int protocol, int kern) { - int err; struct inode_security_struct *isec; struct task_security_struct *tsec; - err = inode_doinit(SOCK_INODE(sock)); - if (err < 0) - return; isec = SOCK_INODE(sock)->i_security; tsec = current->security; isec->sclass = socket_type_to_security_class(family, type, protocol); isec->sid = kern ? SECINITSID_KERNEL : tsec->sid; + isec->initialized = 1; return; } @@ -3158,14 +3145,12 @@ static int selinux_socket_accept(struct socket *sock, struct socket *newsock) if (err) return err; - err = inode_doinit(SOCK_INODE(newsock)); - if (err < 0) - return err; newisec = SOCK_INODE(newsock)->i_security; isec = SOCK_INODE(sock)->i_security; newisec->sclass = isec->sclass; newisec->sid = isec->sid; + newisec->initialized = 1; return 0; } |