diff options
author | Paul Moore <paul.moore@hp.com> | 2008-01-29 14:37:59 +0100 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2008-01-29 22:17:19 +0100 |
commit | 16efd45435fa695b501b7f73c3259bd7c77cc12c (patch) | |
tree | f26eb84f65192eb0a17aca399fd405100e4be974 /security/selinux/ss/services.c | |
parent | NetLabel: Consolidate the LSM domain mapping/hashing locks (diff) | |
download | linux-16efd45435fa695b501b7f73c3259bd7c77cc12c.tar.xz linux-16efd45435fa695b501b7f73c3259bd7c77cc12c.zip |
NetLabel: Add secid token support to the NetLabel secattr struct
This patch adds support to the NetLabel LSM secattr struct for a secid token
and a type field, paving the way for full LSM/SELinux context support and
"static" or "fallback" labels. In addition, this patch adds a fair amount
of documentation to the core NetLabel structures used as part of the
NetLabel kernel API.
Signed-off-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to '')
-rw-r--r-- | security/selinux/ss/services.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 4bf715d4cf29..0f97ef578370 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -2550,6 +2550,9 @@ int security_netlbl_secattr_to_sid(struct netlbl_lsm_secattr *secattr, default: goto netlbl_secattr_to_sid_return; } + } else if (secattr->flags & NETLBL_SECATTR_SECID) { + *sid = secattr->attr.secid; + rc = 0; } else if (secattr->flags & NETLBL_SECATTR_MLS_LVL) { ctx = sidtab_search(&sidtab, base_sid); if (ctx == NULL) @@ -2561,7 +2564,7 @@ int security_netlbl_secattr_to_sid(struct netlbl_lsm_secattr *secattr, mls_import_netlbl_lvl(&ctx_new, secattr); if (secattr->flags & NETLBL_SECATTR_MLS_CAT) { if (ebitmap_netlbl_import(&ctx_new.range.level[0].cat, - secattr->mls_cat) != 0) + secattr->attr.mls.cat) != 0) goto netlbl_secattr_to_sid_return; ctx_new.range.level[1].cat.highbit = ctx_new.range.level[0].cat.highbit; |