Merge branch 'linus' into x86/core

[firefly-linux-kernel-4.4.55.git] / security / selinux / hooks.c

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 309648c573d8471e416229b434aed22e5004f18f..7c52ba243c6490acf9d22f719763a3931fbaabfb 100644 (file)
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -1263,9 +1263,15 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent
                        dentry = d_find_alias(inode);
                }
                if (!dentry) {
-                       printk(KERN_WARNING "SELinux: %s:  no dentry for dev=%s "
-                              "ino=%ld\n", __func__, inode->i_sb->s_id,
-                              inode->i_ino);
+                       /*
+                        * this is can be hit on boot when a file is accessed
+                        * before the policy is loaded.  When we load policy we
+                        * may find inodes that have no dentry on the
+                        * sbsec->isec_head list.  No reason to complain as these
+                        * will get fixed up the next time we go through
+                        * inode_doinit with a dentry, before these inodes could
+                        * be used again by userspace.
+                        */
                        goto out_unlock;
                }
 
@@ -1838,6 +1844,8 @@ static inline u32 open_file_to_av(struct file *file)
                        av |= FIFO_FILE__OPEN;
                else if (S_ISDIR(mode))
                        av |= DIR__OPEN;
+               else if (S_ISSOCK(mode))
+                       av |= SOCK_FILE__OPEN;
                else
                        printk(KERN_ERR "SELinux: WARNING: inside %s with "
                                "unknown mode:%o\n", __func__, mode);