netlink: kill loginuid/sessionid/sid members from struct netlink_skb_parms Netlink message processing in the kernel is synchronous these days, the session information can be collected when needed. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>

commit: c53fa1ed92cd671a1dfb1e7569e9ab672612ddc6 [log] [tgz]
author: Patrick McHardy <kaber@trash.net> Thu Mar 03 10:55:40 2011 -0800
committer: David S. Miller <davem@davemloft.net> Thu Mar 03 10:55:40 2011 -0800
tree: 9bb539a7731af94cac0112b8f13771e4a33e0450
parent: 06dc94b1ed05f91e246315afeb1c652d6d0dc9ab [diff] [blame]
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index c8d6992..cef42f5 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c

@@ -4669,6 +4669,7 @@
 {
 	int err;
 	struct common_audit_data ad;
+	u32 sid;
 
 	err = cap_netlink_recv(skb, capability);
 	if (err)
@@ -4677,8 +4678,9 @@
 	COMMON_AUDIT_DATA_INIT(&ad, CAP);
 	ad.u.cap = capability;
 
-	return avc_has_perm(NETLINK_CB(skb).sid, NETLINK_CB(skb).sid,
-			    SECCLASS_CAPABILITY, CAP_TO_MASK(capability), &ad);
+	security_task_getsecid(current, &sid);
+	return avc_has_perm(sid, sid, SECCLASS_CAPABILITY,
+			    CAP_TO_MASK(capability), &ad);
 }
 
 static int ipc_alloc_security(struct task_struct *task,
commit	c53fa1ed92cd671a1dfb1e7569e9ab672612ddc6	[log] [tgz]
author	Patrick McHardy <kaber@trash.net>	Thu Mar 03 10:55:40 2011 -0800
committer	David S. Miller <davem@davemloft.net>	Thu Mar 03 10:55:40 2011 -0800
tree	9bb539a7731af94cac0112b8f13771e4a33e0450
parent	06dc94b1ed05f91e246315afeb1c652d6d0dc9ab [diff] [blame]