diff options
author | Paul Moore <paul.moore@hp.com> | 2008-10-10 16:16:33 +0200 |
---|---|---|
committer | Paul Moore <paul.moore@hp.com> | 2008-10-10 16:16:33 +0200 |
commit | 8d75899d033617316e06296b7c0729612f56aba0 (patch) | |
tree | 47ab64d46b26b86089e20c337e9ba22b00e2d94f /security/selinux | |
parent | selinux: Cache NetLabel secattrs in the socket's security struct (diff) | |
download | linux-8d75899d033617316e06296b7c0729612f56aba0.tar.xz linux-8d75899d033617316e06296b7c0729612f56aba0.zip |
netlabel: Changes to the NetLabel security attributes to allow LSMs to pass full contexts
This patch provides support for including the LSM's secid in addition to
the LSM's MLS information in the NetLabel security attributes structure.
Signed-off-by: Paul Moore <paul.moore@hp.com>
Acked-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/selinux')
-rw-r--r-- | security/selinux/ss/services.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index c8f688a10041..ed0ca649d7db 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -2803,7 +2803,8 @@ int security_netlbl_sid_to_secattr(u32 sid, struct netlbl_lsm_secattr *secattr) rc = -ENOMEM; goto netlbl_sid_to_secattr_failure; } - secattr->flags |= NETLBL_SECATTR_DOMAIN_CPY; + secattr->attr.secid = sid; + secattr->flags |= NETLBL_SECATTR_DOMAIN_CPY | NETLBL_SECATTR_SECID; mls_export_netlbl_lvl(ctx, secattr); rc = mls_export_netlbl_cat(ctx, secattr); if (rc != 0) |