From: Paul Moore Date: Fri, 10 Oct 2008 14:16:33 +0000 (-0400) Subject: netlabel: Changes to the NetLabel security attributes to allow LSMs to pass full... X-Git-Tag: v2.6.28-rc1~609^2~1^2^2~2 X-Git-Url: http://pilppa.com/gitweb/?a=commitdiff_plain;h=8d75899d033617316e06296b7c0729612f56aba0;p=linux-2.6-omap-h63xx.git netlabel: Changes to the NetLabel security attributes to allow LSMs to pass full contexts This patch provides support for including the LSM's secid in addition to the LSM's MLS information in the NetLabel security attributes structure. Signed-off-by: Paul Moore Acked-by: James Morris --- diff --git a/include/net/netlabel.h b/include/net/netlabel.h index 074cad40ac6..d56517ac3ba 100644 --- a/include/net/netlabel.h +++ b/include/net/netlabel.h @@ -203,7 +203,7 @@ struct netlbl_lsm_secattr { u32 type; char *domain; struct netlbl_lsm_cache *cache; - union { + struct { struct { struct netlbl_lsm_secattr_catmap *cat; u32 lvl; diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index c8f688a1004..ed0ca649d7d 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -2803,7 +2803,8 @@ int security_netlbl_sid_to_secattr(u32 sid, struct netlbl_lsm_secattr *secattr) rc = -ENOMEM; goto netlbl_sid_to_secattr_failure; } - secattr->flags |= NETLBL_SECATTR_DOMAIN_CPY; + secattr->attr.secid = sid; + secattr->flags |= NETLBL_SECATTR_DOMAIN_CPY | NETLBL_SECATTR_SECID; mls_export_netlbl_lvl(ctx, secattr); rc = mls_export_netlbl_cat(ctx, secattr); if (rc != 0)