Searched hist:"900 fde06" (Results 1 – 1 of 1) sorted by relevance
/openbmc/linux/security/selinux/ |
H A D | selinuxfs.c | 900fde06 Mon Jan 09 09:07:32 CST 2017 Gary Tierney <gary.tierney@gmx.com> selinux: default to security isid in sel_make_bools() if no sid is found
Use SECINITSID_SECURITY as the default SID for booleans which don't have a matching SID returned from security_genfs_sid(), also update the error message to a warning which matches this.
This prevents the policy failing to load (and consequently the system failing to boot) when there is no default genfscon statement matched for the selinuxfs in the new policy.
Signed-off-by: Gary Tierney <gary.tierney@gmx.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Paul Moore <paul@paul-moore.com> 900fde06 Mon Jan 09 09:07:32 CST 2017 Gary Tierney <gary.tierney@gmx.com> selinux: default to security isid in sel_make_bools() if no sid is found Use SECINITSID_SECURITY as the default SID for booleans which don't have a matching SID returned from security_genfs_sid(), also update the error message to a warning which matches this. This prevents the policy failing to load (and consequently the system failing to boot) when there is no default genfscon statement matched for the selinuxfs in the new policy. Signed-off-by: Gary Tierney <gary.tierney@gmx.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Paul Moore <paul@paul-moore.com>
|