diff options
author | Trent Jaeger <tjaeger@cse.psu.edu> | 2006-01-06 13:22:39 -0800 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2006-01-06 13:22:39 -0800 |
commit | 5f8ac64b15172c7ced7d7990eb28342092bc751b (patch) | |
tree | 63046817c9a6e8db513379337f01289c045a5d63 /security/selinux/include/av_perm_to_string.h | |
parent | 69549ddd2f894c4cead50ee2b60cc02990c389ad (diff) | |
download | op-kernel-dev-5f8ac64b15172c7ced7d7990eb28342092bc751b.zip op-kernel-dev-5f8ac64b15172c7ced7d7990eb28342092bc751b.tar.gz |
[LSM-IPSec]: Corrections to LSM-IPSec Nethooks
This patch contains two corrections to the LSM-IPsec Nethooks patches
previously applied.
(1) free a security context on a failed insert via xfrm_user
interface in xfrm_add_policy. Memory leak.
(2) change the authorization of the allocation of a security context
in a xfrm_policy or xfrm_state from both relabelfrom and relabelto
to setcontext.
Signed-off-by: Trent Jaeger <tjaeger@cse.psu.edu>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'security/selinux/include/av_perm_to_string.h')
-rw-r--r-- | security/selinux/include/av_perm_to_string.h | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/security/selinux/include/av_perm_to_string.h b/security/selinux/include/av_perm_to_string.h index 71aeb12..591e98d 100644 --- a/security/selinux/include/av_perm_to_string.h +++ b/security/selinux/include/av_perm_to_string.h @@ -238,5 +238,4 @@ S_(SECCLASS_NSCD, NSCD__SHMEMHOST, "shmemhost") S_(SECCLASS_ASSOCIATION, ASSOCIATION__SENDTO, "sendto") S_(SECCLASS_ASSOCIATION, ASSOCIATION__RECVFROM, "recvfrom") - S_(SECCLASS_ASSOCIATION, ASSOCIATION__RELABELFROM, "relabelfrom") - S_(SECCLASS_ASSOCIATION, ASSOCIATION__RELABELTO, "relabelto") + S_(SECCLASS_ASSOCIATION, ASSOCIATION__SETCONTEXT, "setcontext") |