diff options
author | Linus Torvalds <torvalds@g5.osdl.org> | 2006-01-06 15:24:28 -0800 |
---|---|---|
committer | Linus Torvalds <torvalds@g5.osdl.org> | 2006-01-06 15:24:28 -0800 |
commit | d8d8f6a4fd635dcc9e4f946394c1fbde85eeab66 (patch) | |
tree | 0a1bc8ff40c12bb30066467e11ae9153f89514e7 /security | |
parent | 57d1c91fa6d9146b309b7511f6432dea2a24858b (diff) | |
parent | a2167dc62e9142b9a4bfb20f7e001c0f0a26fd8c (diff) | |
download | kernel-crypto-d8d8f6a4fd635dcc9e4f946394c1fbde85eeab66.tar.gz kernel-crypto-d8d8f6a4fd635dcc9e4f946394c1fbde85eeab66.tar.xz kernel-crypto-d8d8f6a4fd635dcc9e4f946394c1fbde85eeab66.zip |
Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
Diffstat (limited to 'security')
-rw-r--r-- | security/selinux/include/av_perm_to_string.h | 3 | ||||
-rw-r--r-- | security/selinux/include/av_permissions.h | 3 | ||||
-rw-r--r-- | security/selinux/xfrm.c | 8 |
3 files changed, 3 insertions, 11 deletions
diff --git a/security/selinux/include/av_perm_to_string.h b/security/selinux/include/av_perm_to_string.h index 71aeb12f07c..591e98d9315 100644 --- a/security/selinux/include/av_perm_to_string.h +++ b/security/selinux/include/av_perm_to_string.h @@ -238,5 +238,4 @@ S_(SECCLASS_NSCD, NSCD__SHMEMHOST, "shmemhost") S_(SECCLASS_ASSOCIATION, ASSOCIATION__SENDTO, "sendto") S_(SECCLASS_ASSOCIATION, ASSOCIATION__RECVFROM, "recvfrom") - S_(SECCLASS_ASSOCIATION, ASSOCIATION__RELABELFROM, "relabelfrom") - S_(SECCLASS_ASSOCIATION, ASSOCIATION__RELABELTO, "relabelto") + S_(SECCLASS_ASSOCIATION, ASSOCIATION__SETCONTEXT, "setcontext") diff --git a/security/selinux/include/av_permissions.h b/security/selinux/include/av_permissions.h index d1d0996049e..d7f02edf393 100644 --- a/security/selinux/include/av_permissions.h +++ b/security/selinux/include/av_permissions.h @@ -908,8 +908,7 @@ #define ASSOCIATION__SENDTO 0x00000001UL #define ASSOCIATION__RECVFROM 0x00000002UL -#define ASSOCIATION__RELABELFROM 0x00000004UL -#define ASSOCIATION__RELABELTO 0x00000008UL +#define ASSOCIATION__SETCONTEXT 0x00000004UL #define NETLINK_KOBJECT_UEVENT_SOCKET__IOCTL 0x00000001UL #define NETLINK_KOBJECT_UEVENT_SOCKET__READ 0x00000002UL diff --git a/security/selinux/xfrm.c b/security/selinux/xfrm.c index c4d87d4dca7..5b7776504e4 100644 --- a/security/selinux/xfrm.c +++ b/security/selinux/xfrm.c @@ -137,15 +137,9 @@ static int selinux_xfrm_sec_ctx_alloc(struct xfrm_sec_ctx **ctxp, struct xfrm_us * Must be permitted to relabel from default socket type (process type) * to specified context */ - rc = avc_has_perm(tsec->sid, tsec->sid, - SECCLASS_ASSOCIATION, - ASSOCIATION__RELABELFROM, NULL); - if (rc) - goto out; - rc = avc_has_perm(tsec->sid, ctx->ctx_sid, SECCLASS_ASSOCIATION, - ASSOCIATION__RELABELTO, NULL); + ASSOCIATION__SETCONTEXT, NULL); if (rc) goto out; |