summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
Diffstat (limited to 'security')
-rw-r--r--security/selinux/hooks.c7
-rw-r--r--security/selinux/include/classmap.h4
2 files changed, 8 insertions, 3 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 9bc12bcddc2c..e6b1b7410321 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -1401,7 +1401,9 @@ static inline u16 socket_type_to_security_class(int family, int type, int protoc
return SECCLASS_KCM_SOCKET;
case PF_QIPCRTR:
return SECCLASS_QIPCRTR_SOCKET;
-#if PF_MAX > 43
+ case PF_SMC:
+ return SECCLASS_SMC_SOCKET;
+#if PF_MAX > 44
#error New address family defined, please update this function.
#endif
}
@@ -4363,7 +4365,8 @@ static int selinux_socket_bind(struct socket *sock, struct sockaddr *address, in
inet_get_local_port_range(sock_net(sk), &low, &high);
- if (snum < max(PROT_SOCK, low) || snum > high) {
+ if (snum < max(inet_prot_sock(sock_net(sk)), low) ||
+ snum > high) {
err = sel_netport_sid(sk->sk_protocol,
snum, &sid);
if (err)
diff --git a/security/selinux/include/classmap.h b/security/selinux/include/classmap.h
index 7898ffa6d3e6..d429c4a1c551 100644
--- a/security/selinux/include/classmap.h
+++ b/security/selinux/include/classmap.h
@@ -229,9 +229,11 @@ struct security_class_mapping secclass_map[] = {
{ COMMON_SOCK_PERMS, NULL } },
{ "qipcrtr_socket",
{ COMMON_SOCK_PERMS, NULL } },
+ { "smc_socket",
+ { COMMON_SOCK_PERMS, NULL } },
{ NULL }
};
-#if PF_MAX > 43
+#if PF_MAX > 44
#error New address family defined, please update secclass_map.
#endif