Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6

author: Linus Torvalds <torvalds@g5.osdl.org> 2006-01-06 15:24:28 -0800
committer: Linus Torvalds <torvalds@g5.osdl.org> 2006-01-06 15:24:28 -0800
commit: d8d8f6a4fd635dcc9e4f946394c1fbde85eeab66 (patch)
tree: 0a1bc8ff40c12bb30066467e11ae9153f89514e7 /security
parent: 57d1c91fa6d9146b309b7511f6432dea2a24858b (diff)
parent: a2167dc62e9142b9a4bfb20f7e001c0f0a26fd8c (diff)
download: linux-d8d8f6a4fd635dcc9e4f946394c1fbde85eeab66.tar.gz
3 files changed, 3 insertions, 11 deletions
diff --git a/security/selinux/include/av_perm_to_string.h b/security/selinux/include/av_perm_to_string.h
index 71aeb12f07c8..591e98d9315a 100644
--- a/security/selinux/include/av_perm_to_string.h
+++ b/security/selinux/include/av_perm_to_string.h
@@ -238,5 +238,4 @@
    S_(SECCLASS_NSCD, NSCD__SHMEMHOST, "shmemhost")
    S_(SECCLASS_ASSOCIATION, ASSOCIATION__SENDTO, "sendto")
    S_(SECCLASS_ASSOCIATION, ASSOCIATION__RECVFROM, "recvfrom")
-   S_(SECCLASS_ASSOCIATION, ASSOCIATION__RELABELFROM, "relabelfrom")
-   S_(SECCLASS_ASSOCIATION, ASSOCIATION__RELABELTO, "relabelto")
+   S_(SECCLASS_ASSOCIATION, ASSOCIATION__SETCONTEXT, "setcontext")
diff --git a/security/selinux/include/av_permissions.h b/security/selinux/include/av_permissions.h
index d1d0996049e3..d7f02edf3930 100644
--- a/security/selinux/include/av_permissions.h
+++ b/security/selinux/include/av_permissions.h
@@ -908,8 +908,7 @@
 
 #define ASSOCIATION__SENDTO                       0x00000001UL
 #define ASSOCIATION__RECVFROM                     0x00000002UL
-#define ASSOCIATION__RELABELFROM                  0x00000004UL
-#define ASSOCIATION__RELABELTO                    0x00000008UL
+#define ASSOCIATION__SETCONTEXT                   0x00000004UL
 
 #define NETLINK_KOBJECT_UEVENT_SOCKET__IOCTL      0x00000001UL
 #define NETLINK_KOBJECT_UEVENT_SOCKET__READ       0x00000002UL
diff --git a/security/selinux/xfrm.c b/security/selinux/xfrm.c
index c4d87d4dca7b..5b7776504e4c 100644
--- a/security/selinux/xfrm.c
+++ b/security/selinux/xfrm.c
@@ -137,15 +137,9 @@ static int selinux_xfrm_sec_ctx_alloc(struct xfrm_sec_ctx **ctxp, struct xfrm_us
 	 * Must be permitted to relabel from default socket type (process type)
 	 * to specified context
 	 */
-	rc = avc_has_perm(tsec->sid, tsec->sid,
-			  SECCLASS_ASSOCIATION,
-			  ASSOCIATION__RELABELFROM, NULL);
-	if (rc)
-		goto out;
-
 	rc = avc_has_perm(tsec->sid, ctx->ctx_sid,
 			  SECCLASS_ASSOCIATION,
-			  ASSOCIATION__RELABELTO, NULL);
+			  ASSOCIATION__SETCONTEXT, NULL);
 	if (rc)
 		goto out;
author	Linus Torvalds <torvalds@g5.osdl.org>	2006-01-06 15:24:28 -0800
committer	Linus Torvalds <torvalds@g5.osdl.org>	2006-01-06 15:24:28 -0800
commit	d8d8f6a4fd635dcc9e4f946394c1fbde85eeab66 (patch)
tree	0a1bc8ff40c12bb30066467e11ae9153f89514e7 /security
parent	57d1c91fa6d9146b309b7511f6432dea2a24858b (diff)
parent	a2167dc62e9142b9a4bfb20f7e001c0f0a26fd8c (diff)
download	linux-d8d8f6a4fd635dcc9e4f946394c1fbde85eeab66.tar.gz