diff options
author | Jeff Garzik <jeff@garzik.org> | 2006-05-20 00:03:38 -0400 |
---|---|---|
committer | Jeff Garzik <jeff@garzik.org> | 2006-05-20 00:03:38 -0400 |
commit | badc48e6605ddeeb2484afae5993c859494decaa (patch) | |
tree | 7da638f9bb53b1812b71e40ad6deca91d59ad301 /security/selinux | |
parent | 753a6c4ff4c371a3e4e3408aaba4d03f3cfde73a (diff) | |
parent | 2f880b65fdbc2d4915bddc59d75a176329570fdd (diff) |
Merge branch 'master' into upstream
Diffstat (limited to 'security/selinux')
-rw-r--r-- | security/selinux/hooks.c | 3 | ||||
-rw-r--r-- | security/selinux/include/security.h | 5 | ||||
-rw-r--r-- | security/selinux/ss/services.c | 4 |
3 files changed, 7 insertions, 5 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 3cf368a1644..d987048d3f3 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -101,6 +101,8 @@ static int __init selinux_enabled_setup(char *str) return 1; } __setup("selinux=", selinux_enabled_setup); +#else +int selinux_enabled = 1; #endif /* Original (dummy) security module. */ @@ -4535,6 +4537,7 @@ int selinux_disable(void) printk(KERN_INFO "SELinux: Disabled at runtime.\n"); selinux_disabled = 1; + selinux_enabled = 0; /* Reset security_ops to the secondary module, dummy or capability. */ security_ops = secondary_ops; diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h index 5f016c98056..063af47bb23 100644 --- a/security/selinux/include/security.h +++ b/security/selinux/include/security.h @@ -29,12 +29,7 @@ #define POLICYDB_VERSION_MIN POLICYDB_VERSION_BASE #define POLICYDB_VERSION_MAX POLICYDB_VERSION_AVTAB -#ifdef CONFIG_SECURITY_SELINUX_BOOTPARAM extern int selinux_enabled; -#else -#define selinux_enabled 1 -#endif - extern int selinux_mls_enabled; int security_load_policy(void * data, size_t len); diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 7177e98df7f..c284dbb8b8c 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -594,6 +594,10 @@ int security_sid_to_context(u32 sid, char **scontext, u32 *scontext_len) *scontext_len = strlen(initial_sid_to_string[sid]) + 1; scontextp = kmalloc(*scontext_len,GFP_ATOMIC); + if (!scontextp) { + rc = -ENOMEM; + goto out; + } strcpy(scontextp, initial_sid_to_string[sid]); *scontext = scontextp; goto out; |