From patchwork Mon Oct 6 19:21:30 2008 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Paul Moore X-Patchwork-Id: 2964 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.176.167]) by ozlabs.org (Postfix) with ESMTP id E3370DDE04 for ; Tue, 7 Oct 2008 06:22:20 +1100 (EST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754587AbYJFTVk (ORCPT ); Mon, 6 Oct 2008 15:21:40 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1752727AbYJFTVj (ORCPT ); Mon, 6 Oct 2008 15:21:39 -0400 Received: from g1t0028.austin.hp.com ([15.216.28.35]:33998 "EHLO g1t0028.austin.hp.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753251AbYJFTVc (ORCPT ); Mon, 6 Oct 2008 15:21:32 -0400 Received: from g5t0029.atlanta.hp.com (g5t0029.atlanta.hp.com [16.228.8.141]) by g1t0028.austin.hp.com (Postfix) with ESMTP id 675D41C6C2; Mon, 6 Oct 2008 19:21:32 +0000 (UTC) Received: from ldl.fc.hp.com (ldl.fc.hp.com [15.11.146.30]) by g5t0029.atlanta.hp.com (Postfix) with ESMTP id 41CEA101E8; Mon, 6 Oct 2008 19:21:32 +0000 (UTC) Received: from localhost (ldl.fc.hp.com [127.0.0.1]) by ldl.fc.hp.com (Postfix) with ESMTP id DFC7A13401E; Mon, 6 Oct 2008 13:21:31 -0600 (MDT) X-Virus-Scanned: Debian amavisd-new at ldl.fc.hp.com Received: from ldl.fc.hp.com ([127.0.0.1]) by localhost (ldl.fc.hp.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rqVDufgsFx+d; Mon, 6 Oct 2008 13:21:31 -0600 (MDT) Received: from flek.lan (squirrel.fc.hp.com [15.11.146.57]) by ldl.fc.hp.com (Postfix) with ESMTP id CFF5313401D; Mon, 6 Oct 2008 13:21:30 -0600 (MDT) From: Paul Moore Subject: [PATCH v7 15/17] netlabel: Changes to the NetLabel security attributes to allow LSMs to pass full contexts To: selinux@tycho.nsa.gov, netdev@vger.kernel.org, linux-security-module@vger.kernel.org Date: Mon, 06 Oct 2008 15:21:30 -0400 Message-ID: <20081006192130.15686.45936.stgit@flek.lan> In-Reply-To: <20081006191516.15686.80823.stgit@flek.lan> References: <20081006191516.15686.80823.stgit@flek.lan> User-Agent: StGIT/0.13 MIME-Version: 1.0 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org This patch provides support for including the LSM's secid in addition to the LSM's MLS information in the NetLabel security attributes structure. Signed-off-by: Paul Moore Acked-by: James Morris --- include/net/netlabel.h | 2 +- security/selinux/ss/services.c | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/include/net/netlabel.h b/include/net/netlabel.h index 074cad4..d56517a 100644 --- a/include/net/netlabel.h +++ b/include/net/netlabel.h @@ -203,7 +203,7 @@ struct netlbl_lsm_secattr { u32 type; char *domain; struct netlbl_lsm_cache *cache; - union { + struct { struct { struct netlbl_lsm_secattr_catmap *cat; u32 lvl; diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index c8f688a..ed0ca64 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -2803,7 +2803,8 @@ int security_netlbl_sid_to_secattr(u32 sid, struct netlbl_lsm_secattr *secattr) rc = -ENOMEM; goto netlbl_sid_to_secattr_failure; } - secattr->flags |= NETLBL_SECATTR_DOMAIN_CPY; + secattr->attr.secid = sid; + secattr->flags |= NETLBL_SECATTR_DOMAIN_CPY | NETLBL_SECATTR_SECID; mls_export_netlbl_lvl(ctx, secattr); rc = mls_export_netlbl_cat(ctx, secattr); if (rc != 0)