summaryrefslogtreecommitdiff
path: root/security/selinux/avc.c
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2009-06-11 21:01:41 +0400
committerLinus Torvalds <torvalds@linux-foundation.org>2009-06-11 21:01:41 +0400
commit3296ca27f50ecbd71db1d808c7a72d311027f919 (patch)
tree833eaa58b2013bda86d4bd95faf6efad7a2d5ca4 /security/selinux/avc.c
parente893123c7378192c094747dadec326b7c000c190 (diff)
parent73fbad283cfbbcf02939bdbda31fc4a30e729cca (diff)
downloadlinux-3296ca27f50ecbd71db1d808c7a72d311027f919.tar.xz
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6: (44 commits) nommu: Provide mmap_min_addr definition. TOMOYO: Add description of lists and structures. TOMOYO: Remove unused field. integrity: ima audit dentry_open failure TOMOYO: Remove unused parameter. security: use mmap_min_addr indepedently of security models TOMOYO: Simplify policy reader. TOMOYO: Remove redundant markers. SELinux: define audit permissions for audit tree netlink messages TOMOYO: Remove unused mutex. tomoyo: avoid get+put of task_struct smack: Remove redundant initialization. integrity: nfsd imbalance bug fix rootplug: Remove redundant initialization. smack: do not beyond ARRAY_SIZE of data integrity: move ima_counts_get integrity: path_check update IMA: Add __init notation to ima functions IMA: Minimal IMA policy and boot param for TCB IMA policy selinux: remove obsolete read buffer limit from sel_read_bool ...
Diffstat (limited to 'security/selinux/avc.c')
-rw-r--r--security/selinux/avc.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/security/selinux/avc.c b/security/selinux/avc.c
index 7f9b5fac8779..b2ab60859832 100644
--- a/security/selinux/avc.c
+++ b/security/selinux/avc.c
@@ -927,7 +927,7 @@ int avc_has_perm_noaudit(u32 ssid, u32 tsid,
if (denied) {
if (flags & AVC_STRICT)
rc = -EACCES;
- else if (!selinux_enforcing || security_permissive_sid(ssid))
+ else if (!selinux_enforcing || (avd->flags & AVD_FLAGS_PERMISSIVE))
avc_update_node(AVC_CALLBACK_GRANT, requested, ssid,
tsid, tclass, avd->seqno);
else