Merge remote-tracking branch 'msm8998/lineage-20' into lineage-20

Change-Id: I126075a330f305c85f8fe1b8c9d408f368be95d1
author: Raghuram Subramani <raghus2247@gmail.com> 2024-10-17 17:33:46 +0530
committer: Raghuram Subramani <raghus2247@gmail.com> 2024-10-17 17:33:46 +0530
commit: 321337c9e82f016a0cd64f81573c18b5731ffa8d (patch)
tree: e9874bb042e851fec1e19bb8dfca694ef885456a /security/selinux/xfrm.c
parent: cc57cb4ee3b7918b74d30604735d353b9a5fa23b (diff)
1 files changed, 5 insertions, 3 deletions
diff --git a/security/selinux/xfrm.c b/security/selinux/xfrm.c
index 56e354fcdfc6..fda680555451 100644
--- a/security/selinux/xfrm.c
+++ b/security/selinux/xfrm.c
@@ -174,9 +174,10 @@ int selinux_xfrm_policy_lookup(struct xfrm_sec_ctx *ctx, u32 fl_secid, u8 dir)
  */
 int selinux_xfrm_state_pol_flow_match(struct xfrm_state *x,
 				      struct xfrm_policy *xp,
-				      const struct flowi *fl)
+				      const struct flowi_common *flic)
 {
 	u32 state_sid;
+	u32 flic_sid;
 
 	if (!xp->security)
 		if (x->security)
@@ -195,14 +196,15 @@ int selinux_xfrm_state_pol_flow_match(struct xfrm_state *x,
 				return 0;
 
 	state_sid = x->security->ctx_sid;
+	flic_sid = flic->flowic_secid;
 
-	if (fl->flowi_secid != state_sid)
+	if (flic_sid != state_sid)
 		return 0;
 
 	/* We don't need a separate SA Vs. policy polmatch check since the SA
 	 * is now of the same label as the flow and a flow Vs. policy polmatch
 	 * check had already happened in selinux_xfrm_policy_lookup() above. */
-	return (avc_has_perm(fl->flowi_secid, state_sid,
+	return (avc_has_perm(flic_sid, state_sid,
 			    SECCLASS_ASSOCIATION, ASSOCIATION__SENDTO,
 			    NULL) ? 0 : 1);
 }
author	Raghuram Subramani <raghus2247@gmail.com>	2024-10-17 17:33:46 +0530
committer	Raghuram Subramani <raghus2247@gmail.com>	2024-10-17 17:33:46 +0530
commit	321337c9e82f016a0cd64f81573c18b5731ffa8d (patch)
tree	e9874bb042e851fec1e19bb8dfca694ef885456a /security/selinux/xfrm.c
parent	cc57cb4ee3b7918b74d30604735d353b9a5fa23b (diff)