af_unix: Avoid socket->sk NULL OOPS in stream connect security hooks.

[mv-sheeva.git] / security / selinux / hooks.c

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 156ef93d6f7d8030e72b85822f13b597bfeb9736..6f637d2678ac213cbed1d1bd5b0d778d10f56562 100644 (file)
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -1973,14 +1973,10 @@ static int selinux_quota_on(struct dentry *dentry)
        return dentry_has_perm(cred, NULL, dentry, FILE__QUOTAON);
 }
 
-static int selinux_syslog(int type, bool from_file)
+static int selinux_syslog(int type)
 {
        int rc;
 
-       rc = cap_syslog(type, from_file);
-       if (rc)
-               return rc;
-
        switch (type) {
        case SYSLOG_ACTION_READ_ALL:    /* Read last kernel messages */
        case SYSLOG_ACTION_SIZE_BUFFER: /* Return size of the log buffer */
@@ -3925,18 +3921,18 @@ static int selinux_socket_shutdown(struct socket *sock, int how)
        return sock_has_perm(current, sock->sk, SOCKET__SHUTDOWN);
 }
 
-static int selinux_socket_unix_stream_connect(struct socket *sock,
-                                             struct socket *other,
+static int selinux_socket_unix_stream_connect(struct sock *sock,
+                                             struct sock *other,
                                              struct sock *newsk)
 {
-       struct sk_security_struct *sksec_sock = sock->sk->sk_security;
-       struct sk_security_struct *sksec_other = other->sk->sk_security;
+       struct sk_security_struct *sksec_sock = sock->sk_security;
+       struct sk_security_struct *sksec_other = other->sk_security;
        struct sk_security_struct *sksec_new = newsk->sk_security;
        struct common_audit_data ad;
        int err;
 
        COMMON_AUDIT_DATA_INIT(&ad, NET);
-       ad.u.net.sk = other->sk;
+       ad.u.net.sk = other;
 
        err = avc_has_perm(sksec_sock->sid, sksec_other->sid,
                           sksec_other->sclass,