summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPaul Moore <paul.moore@hp.com>2008-10-10 16:16:31 +0200
committerPaul Moore <paul.moore@hp.com>2008-10-10 16:16:31 +0200
commita8134296ba9940b5b271d908666e532d34430a3c (patch)
tree28ef03dc3c6a56bd43e5c9d4b8b303749e815342
parentselinux: Fix missing calls to netlbl_skbuff_err() (diff)
downloadlinux-a8134296ba9940b5b271d908666e532d34430a3c.tar.xz
linux-a8134296ba9940b5b271d908666e532d34430a3c.zip
smack: Fix missing calls to netlbl_skbuff_err()
Smack needs to call netlbl_skbuff_err() to let NetLabel do the necessary protocol specific error handling. Signed-off-by: Paul Moore <paul.moore@hp.com> Acked-by: Casey Schaufler <casey@schaufler-ca.com>
-rw-r--r--security/smack/smack_lsm.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 87d75417ea93..6e2dc0bab70d 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -2179,7 +2179,10 @@ static int smack_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb)
* This is the simplist possible security model
* for networking.
*/
- return smk_access(smack, ssp->smk_in, MAY_WRITE);
+ rc = smk_access(smack, ssp->smk_in, MAY_WRITE);
+ if (rc != 0)
+ netlbl_skbuff_err(skb, rc, 0);
+ return rc;
}
/**