]> err.no Git - linux-2.6/commitdiff
projects / linux-2.6 / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1fd2a25)
NetLabel: correctly fill in unused CIPSOv4 level and category mappings
authorPaul Moore <paul.moore@hp.com>
Fri, 15 Dec 2006 21:49:28 +0000 (16:49 -0500)
committerDavid S. Miller <davem@sunset.davemloft.net>
Fri, 22 Dec 2006 19:11:58 +0000 (11:11 -0800)
Back when the original NetLabel patches were being changed to use Netlink
attributes correctly some code was accidentially dropped which set all of the
undefined CIPSOv4 level and category mappings to a sentinel value.  The result
is the mappings data in the kernel contains bogus mappings which always map to
zero.  This patch restores the old/correct behavior by initializing the mapping
data to the correct sentinel value.

Signed-off-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>
net/netlabel/netlabel_cipso_v4.c patch | blob | history

diff --git a/net/netlabel/netlabel_cipso_v4.c b/net/netlabel/netlabel_cipso_v4.c
index 1fbc906a9737eacdc847ae6e2eb31a2dec7b5622..4afc75f9e377b7bb167749b8a51ec50589182cf9 100644 (file)
--- a/net/netlabel/netlabel_cipso_v4.c
+++ b/net/netlabel/netlabel_cipso_v4.c
@@ -162,6 +162,7 @@ static int netlbl_cipsov4_add_std(struct genl_info *info)
        struct nlattr *nla_b;
        int nla_a_rem;
        int nla_b_rem;
+       u32 iter;
 
        if (!info->attrs[NLBL_CIPSOV4_A_TAGLST] ||
            !info->attrs[NLBL_CIPSOV4_A_MLSLVLLST])
@@ -231,6 +232,10 @@ static int netlbl_cipsov4_add_std(struct genl_info *info)
                ret_val = -ENOMEM;
                goto add_std_failure;
        }
+       for (iter = 0; iter < doi_def->map.std->lvl.local_size; iter++)
+               doi_def->map.std->lvl.local[iter] = CIPSO_V4_INV_LVL;
+       for (iter = 0; iter < doi_def->map.std->lvl.cipso_size; iter++)
+               doi_def->map.std->lvl.cipso[iter] = CIPSO_V4_INV_LVL;
        nla_for_each_nested(nla_a,
                            info->attrs[NLBL_CIPSOV4_A_MLSLVLLST],
                            nla_a_rem)
@@ -302,6 +307,10 @@ static int netlbl_cipsov4_add_std(struct genl_info *info)
                        ret_val = -ENOMEM;
                        goto add_std_failure;
                }
+               for (iter = 0; iter < doi_def->map.std->cat.local_size; iter++)
+                       doi_def->map.std->cat.local[iter] = CIPSO_V4_INV_CAT;
+               for (iter = 0; iter < doi_def->map.std->cat.cipso_size; iter++)
+                       doi_def->map.std->cat.cipso[iter] = CIPSO_V4_INV_CAT;
                nla_for_each_nested(nla_a,
                                    info->attrs[NLBL_CIPSOV4_A_MLSCATLST],
                                    nla_a_rem)
Linux 2.6 source tree