summaryrefslogtreecommitdiff
path: root/security/selinux/hooks.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/selinux/hooks.c')
-rw-r--r--security/selinux/hooks.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 5ab9d1e3e2b8..cc7689c5c153 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -740,6 +740,7 @@ static int selinux_set_mnt_opts(struct super_block *sb,
sbsec->flags |= SE_SBPROC | SE_SBGENFS;
if (!strcmp(sb->s_type->name, "debugfs") ||
+ !strcmp(sb->s_type->name, "tracefs") ||
!strcmp(sb->s_type->name, "sysfs") ||
!strcmp(sb->s_type->name, "pstore"))
sbsec->flags |= SE_SBGENFS;
@@ -1245,6 +1246,8 @@ static inline u16 socket_type_to_security_class(int family, int type, int protoc
return SECCLASS_KEY_SOCKET;
case PF_APPLETALK:
return SECCLASS_APPLETALK_SOCKET;
+ case PF_CAN:
+ return SECCLASS_CAN_SOCKET;
}
return SECCLASS_SOCKET;
@@ -4064,6 +4067,8 @@ static int sock_has_perm(struct task_struct *task, struct sock *sk, u32 perms)
struct lsm_network_audit net = {0,};
u32 tsid = task_sid(task);
+ if (!sksec)
+ return -EFAULT;
if (sksec->sid == SECINITSID_KERNEL)
return 0;
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-15 09:40:08 +0000