diff options
| author | Arnaldo Carvalho de Melo <acme@redhat.com> | 2021-10-08 11:13:17 -0300 |
|---|---|---|
| committer | Arnaldo Carvalho de Melo <acme@redhat.com> | 2021-10-08 11:13:17 -0300 |
| commit | 47e7dd34a26def31af352df3a8281e7ff1bc345a (patch) | |
| tree | f8cbd86ce126d65f79bca2ceefbaea6130923e1b /security | |
| parent | be8ecc57f180415e8a7c1cc5620c5236be2a7e56 (diff) | |
| parent | 1da38549dd64c7f5dd22427f12dfa8db3d8a722b (diff) | |
Merge remote-tracking branch 'torvalds/master' into perf/core
To pick up the fixes in perf/urgent that were just merged into upstream.
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Diffstat (limited to 'security')
| -rw-r--r-- | security/selinux/hooks.c | 4 | ||||
| -rw-r--r-- | security/selinux/nlmsgtab.c | 4 | ||||
| -rw-r--r-- | security/smack/smack_lsm.c | 4 |
3 files changed, 7 insertions, 5 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 6517f221d52c..e7ebd45ca345 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -2157,7 +2157,7 @@ static int selinux_ptrace_access_check(struct task_struct *child, static int selinux_ptrace_traceme(struct task_struct *parent) { return avc_has_perm(&selinux_state, - task_sid_subj(parent), task_sid_obj(current), + task_sid_obj(parent), task_sid_obj(current), SECCLASS_PROCESS, PROCESS__PTRACE, NULL); } @@ -6222,7 +6222,7 @@ static int selinux_msg_queue_msgrcv(struct kern_ipc_perm *msq, struct msg_msg *m struct ipc_security_struct *isec; struct msg_security_struct *msec; struct common_audit_data ad; - u32 sid = task_sid_subj(target); + u32 sid = task_sid_obj(target); int rc; isec = selinux_ipc(msq); diff --git a/security/selinux/nlmsgtab.c b/security/selinux/nlmsgtab.c index d59276f48d4f..94ea2a8b2bb7 100644 --- a/security/selinux/nlmsgtab.c +++ b/security/selinux/nlmsgtab.c @@ -126,6 +126,8 @@ static const struct nlmsg_perm nlmsg_xfrm_perms[] = { XFRM_MSG_NEWSPDINFO, NETLINK_XFRM_SOCKET__NLMSG_WRITE }, { XFRM_MSG_GETSPDINFO, NETLINK_XFRM_SOCKET__NLMSG_READ }, { XFRM_MSG_MAPPING, NETLINK_XFRM_SOCKET__NLMSG_READ }, + { XFRM_MSG_SETDEFAULT, NETLINK_XFRM_SOCKET__NLMSG_WRITE }, + { XFRM_MSG_GETDEFAULT, NETLINK_XFRM_SOCKET__NLMSG_READ }, }; static const struct nlmsg_perm nlmsg_audit_perms[] = @@ -189,7 +191,7 @@ int selinux_nlmsg_lookup(u16 sclass, u16 nlmsg_type, u32 *perm) * structures at the top of this file with the new mappings * before updating the BUILD_BUG_ON() macro! */ - BUILD_BUG_ON(XFRM_MSG_MAX != XFRM_MSG_MAPPING); + BUILD_BUG_ON(XFRM_MSG_MAX != XFRM_MSG_GETDEFAULT); err = nlmsg_perm(nlmsg_type, perm, nlmsg_xfrm_perms, sizeof(nlmsg_xfrm_perms)); break; diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index cacbe7518519..21a0e7c3b8de 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -2016,7 +2016,7 @@ static int smk_curacc_on_task(struct task_struct *p, int access, const char *caller) { struct smk_audit_info ad; - struct smack_known *skp = smk_of_task_struct_subj(p); + struct smack_known *skp = smk_of_task_struct_obj(p); int rc; smk_ad_init(&ad, caller, LSM_AUDIT_DATA_TASK); @@ -3480,7 +3480,7 @@ static void smack_d_instantiate(struct dentry *opt_dentry, struct inode *inode) */ static int smack_getprocattr(struct task_struct *p, char *name, char **value) { - struct smack_known *skp = smk_of_task_struct_subj(p); + struct smack_known *skp = smk_of_task_struct_obj(p); char *cp; int slen; |