summaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
authorPaul Moore <pmoore@redhat.com>2014-07-28 18:42:48 +0400
committerPaul Moore <pmoore@redhat.com>2014-07-28 18:46:07 +0400
commit2873ead7e46694910ac49c3a8ee0f54956f96e0c (patch)
treeca9560e878d2842d45c6f99077d0d8b8f8b0f9ba /security
parent4da6daf4d3df5a977e4623963f141a627fd2efce (diff)
downloadlinux-2873ead7e46694910ac49c3a8ee0f54956f96e0c.tar.xz
Revert "selinux: fix the default socket labeling in sock_graft()"
This reverts commit 4da6daf4d3df5a977e4623963f141a627fd2efce. Unfortunately, the commit in question caused problems with Bluetooth devices, specifically it caused them to get caught in the newly created BUG_ON() check. The AF_ALG problem still exists, but will be addressed in a future patch. Cc: stable@vger.kernel.org Signed-off-by: Paul Moore <pmoore@redhat.com>
Diffstat (limited to 'security')
-rw-r--r--security/selinux/hooks.c13
1 files changed, 2 insertions, 11 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index b3a6754e932b..336f0a04450e 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -4499,18 +4499,9 @@ static void selinux_sock_graft(struct sock *sk, struct socket *parent)
struct inode_security_struct *isec = SOCK_INODE(parent)->i_security;
struct sk_security_struct *sksec = sk->sk_security;
- switch (sk->sk_family) {
- case PF_INET:
- case PF_INET6:
- case PF_UNIX:
+ if (sk->sk_family == PF_INET || sk->sk_family == PF_INET6 ||
+ sk->sk_family == PF_UNIX)
isec->sid = sksec->sid;
- break;
- default:
- /* by default there is no special labeling mechanism for the
- * sksec label so inherit the label from the parent socket */
- BUG_ON(sksec->sid != SECINITSID_UNLABELED);
- sksec->sid = isec->sid;
- }
sksec->sclass = isec->sclass;
}