netlabel: Changes to the NetLabel security attributes to allow LSMs to pass full...
authorPaul Moore <paul.moore@hp.com>
Fri, 10 Oct 2008 14:16:33 +0000 (10:16 -0400)
committerPaul Moore <paul.moore@hp.com>
Fri, 10 Oct 2008 14:16:33 +0000 (10:16 -0400)
This patch provides support for including the LSM's secid in addition to
the LSM's MLS information in the NetLabel security attributes structure.

Signed-off-by: Paul Moore <paul.moore@hp.com>
Acked-by: James Morris <jmorris@namei.org>
include/net/netlabel.h
security/selinux/ss/services.c

index 074cad40ac66c43c215b768448743301b41a07c8..d56517ac3bae5d188a693809dc75c0012593511a 100644 (file)
@@ -203,7 +203,7 @@ struct netlbl_lsm_secattr {
        u32 type;
        char *domain;
        struct netlbl_lsm_cache *cache;
-       union {
+       struct {
                struct {
                        struct netlbl_lsm_secattr_catmap *cat;
                        u32 lvl;
index c8f688a1004157059b889782d45c0cb494e24235..ed0ca649d7dbde097aa3cc32d4b307513eb17b9c 100644 (file)
@@ -2803,7 +2803,8 @@ int security_netlbl_sid_to_secattr(u32 sid, struct netlbl_lsm_secattr *secattr)
                rc = -ENOMEM;
                goto netlbl_sid_to_secattr_failure;
        }
-       secattr->flags |= NETLBL_SECATTR_DOMAIN_CPY;
+       secattr->attr.secid = sid;
+       secattr->flags |= NETLBL_SECATTR_DOMAIN_CPY | NETLBL_SECATTR_SECID;
        mls_export_netlbl_lvl(ctx, secattr);
        rc = mls_export_netlbl_cat(ctx, secattr);
        if (rc != 0)