diff options
| author | Jeff Garzik <jgarzik@pretzel.yyz.us> | 2005-06-22 21:50:57 -0400 |
|---|---|---|
| committer | Jeff Garzik <jgarzik@pobox.com> | 2005-06-22 21:50:57 -0400 |
| commit | a5324343955997d1439f26518ddac567cd5d134b (patch) | |
| tree | f43558389c41e3a0f076c4ee55d77c4aa1561779 /security/selinux/ss/services.c | |
| parent | 8199d3a79c224bbe5943fa08684e1f93a17881b0 (diff) | |
| parent | a4936044001694f033fe4ea94d6034d51a6b465c (diff) | |
| download | op-kernel-dev-a5324343955997d1439f26518ddac567cd5d134b.zip op-kernel-dev-a5324343955997d1439f26518ddac567cd5d134b.tar.gz | |
Merge /spare/repo/linux-2.6/
Diffstat (limited to 'security/selinux/ss/services.c')
| -rw-r--r-- | security/selinux/ss/services.c | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 5a820cf..b614914 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -365,7 +365,7 @@ static int security_validtrans_handle_fail(struct context *ocontext, goto out; if (context_struct_to_string(tcontext, &t, &tlen) < 0) goto out; - audit_log(current->audit_context, + audit_log(current->audit_context, AUDIT_SELINUX_ERR, "security_validate_transition: denied for" " oldcontext=%s newcontext=%s taskcontext=%s tclass=%s", o, n, t, policydb.p_class_val_to_name[tclass-1]); @@ -476,8 +476,8 @@ int security_compute_av(u32 ssid, int rc = 0; if (!ss_initialized) { - avd->allowed = requested; - avd->decided = requested; + avd->allowed = 0xffffffff; + avd->decided = 0xffffffff; avd->auditallow = 0; avd->auditdeny = 0xffffffff; avd->seqno = latest_granting; @@ -742,7 +742,7 @@ static int compute_sid_handle_invalid_context( goto out; if (context_struct_to_string(newcontext, &n, &nlen) < 0) goto out; - audit_log(current->audit_context, + audit_log(current->audit_context, AUDIT_SELINUX_ERR, "security_compute_sid: invalid context %s" " for scontext=%s" " tcontext=%s" @@ -1196,9 +1196,11 @@ int security_load_policy(void *data, size_t len) } policydb_loaded_version = policydb.policyvers; ss_initialized = 1; - + seqno = ++latest_granting; LOAD_UNLOCK; selinux_complete_init(); + avc_ss_reset(seqno); + selnl_notify_policyload(seqno); return 0; } |
