Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 8d75899d authored by Paul Moore's avatar Paul Moore
Browse files

netlabel: Changes to the NetLabel security attributes to allow LSMs to pass full contexts



This patch provides support for including the LSM's secid in addition to
the LSM's MLS information in the NetLabel security attributes structure.

Signed-off-by: default avatarPaul Moore <paul.moore@hp.com>
Acked-by: default avatarJames Morris <jmorris@namei.org>
parent 6c5b3fc0
Loading
Loading
Loading
Loading
+1 −1
Original line number Diff line number Diff line
@@ -203,7 +203,7 @@ struct netlbl_lsm_secattr {
	u32 type;
	char *domain;
	struct netlbl_lsm_cache *cache;
	union {
	struct {
		struct {
			struct netlbl_lsm_secattr_catmap *cat;
			u32 lvl;
+2 −1
Original line number Diff line number Diff line
@@ -2803,7 +2803,8 @@ int security_netlbl_sid_to_secattr(u32 sid, struct netlbl_lsm_secattr *secattr)
		rc = -ENOMEM;
		goto netlbl_sid_to_secattr_failure;
	}
	secattr->flags |= NETLBL_SECATTR_DOMAIN_CPY;
	secattr->attr.secid = sid;
	secattr->flags |= NETLBL_SECATTR_DOMAIN_CPY | NETLBL_SECATTR_SECID;
	mls_export_netlbl_lvl(ctx, secattr);
	rc = mls_export_netlbl_cat(ctx, secattr);
	if (rc != 0)