[PATCH] SELinux: map Unix seqpacket sockets to appropriate security class

This patch for SELinux fixes a bug in the mapping of socket types to security classes and ensures that Unix seqpacket sockets are mapped to an appropriate security class. The Unix stream security class is re-used in this case as it has the same permission checking applied as for seqpacket. Signed-off-by: Stephen Smalley <sds@epoch.ncsc.mil> Signed-off-by: James Morris <jmorris@redhat.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
author: Stephen D. Smalley <sds@epoch.ncsc.mil> 2004-11-21 16:42:58 -0800
committer: Linus Torvalds <torvalds@ppc970.osdl.org> 2004-11-21 16:42:58 -0800
commit: a79fa1df11377acc4f996fe1d7333c08e51544c4 (patch)
tree: 9463697d3251765e6621cbb62574510fa941fd70 /security
parent: 8c2bfc5b38c5338472cac971230183de07bb11b9 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 4c15d2320e89..7f370eb17393 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -631,10 +631,12 @@ static inline u16 socket_type_to_security_class(int family, int type, int protoc
 	case PF_UNIX:
 		switch (type) {
 		case SOCK_STREAM:
+		case SOCK_SEQPACKET:
 			return SECCLASS_UNIX_STREAM_SOCKET;
 		case SOCK_DGRAM:
 			return SECCLASS_UNIX_DGRAM_SOCKET;
 		}
+		break;
 	case PF_INET:
 	case PF_INET6:
 		switch (type) {
@@ -645,6 +647,7 @@ static inline u16 socket_type_to_security_class(int family, int type, int protoc
 		case SOCK_RAW:
 			return SECCLASS_RAWIP_SOCKET;
 		}
+		break;
 	case PF_NETLINK:
 		switch (protocol) {
 		case NETLINK_ROUTE:
author	Stephen D. Smalley <sds@epoch.ncsc.mil>	2004-11-21 16:42:58 -0800
committer	Linus Torvalds <torvalds@ppc970.osdl.org>	2004-11-21 16:42:58 -0800
commit	a79fa1df11377acc4f996fe1d7333c08e51544c4 (patch)
tree	9463697d3251765e6621cbb62574510fa941fd70 /security
parent	8c2bfc5b38c5338472cac971230183de07bb11b9 (diff)