Ensure that we only close the selinux netlink socket once.
- Taken from our Android libselinux tree. From Stephen Smalley
This commit is contained in:
Dan Walsh
parent
6b51ca9aaf
commit
4eed7a5379
@ -281,6 +281,54 @@ index 802a07f..6ff83a7 100644
|
|||||||
return rc;
|
return rc;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
diff --git a/libselinux/src/avc_internal.c b/libselinux/src/avc_internal.c
|
||||||
|
index a07aa7f..d219331 100644
|
||||||
|
--- a/libselinux/src/avc_internal.c
|
||||||
|
+++ b/libselinux/src/avc_internal.c
|
||||||
|
@@ -53,7 +53,7 @@ int avc_setenforce = 0;
|
||||||
|
int avc_netlink_trouble = 0;
|
||||||
|
|
||||||
|
/* netlink socket code */
|
||||||
|
-static int fd;
|
||||||
|
+static int fd = -1;
|
||||||
|
|
||||||
|
int avc_netlink_open(int blocking)
|
||||||
|
{
|
||||||
|
@@ -69,6 +69,7 @@ int avc_netlink_open(int blocking)
|
||||||
|
fcntl(fd, F_SETFD, FD_CLOEXEC);
|
||||||
|
if (!blocking && fcntl(fd, F_SETFL, O_NONBLOCK)) {
|
||||||
|
close(fd);
|
||||||
|
+ fd = -1;
|
||||||
|
rc = -1;
|
||||||
|
goto out;
|
||||||
|
}
|
||||||
|
@@ -81,6 +82,7 @@ int avc_netlink_open(int blocking)
|
||||||
|
|
||||||
|
if (bind(fd, (struct sockaddr *)&addr, len) < 0) {
|
||||||
|
close(fd);
|
||||||
|
+ fd = -1;
|
||||||
|
rc = -1;
|
||||||
|
goto out;
|
||||||
|
}
|
||||||
|
@@ -90,7 +92,9 @@ int avc_netlink_open(int blocking)
|
||||||
|
|
||||||
|
void avc_netlink_close(void)
|
||||||
|
{
|
||||||
|
- close(fd);
|
||||||
|
+ if (fd >= 0)
|
||||||
|
+ close(fd);
|
||||||
|
+ fd = -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int avc_netlink_receive(char *buf, unsigned buflen, int blocking)
|
||||||
|
@@ -269,6 +273,7 @@ void avc_netlink_loop(void)
|
||||||
|
}
|
||||||
|
|
||||||
|
close(fd);
|
||||||
|
+ fd = -1;
|
||||||
|
avc_netlink_trouble = 1;
|
||||||
|
avc_log(SELINUX_ERROR,
|
||||||
|
"%s: netlink thread: errors encountered, terminating\n",
|
||||||
diff --git a/libselinux/src/booleans.c b/libselinux/src/booleans.c
|
diff --git a/libselinux/src/booleans.c b/libselinux/src/booleans.c
|
||||||
index 1510043..b5e6655 100644
|
index 1510043..b5e6655 100644
|
||||||
--- a/libselinux/src/booleans.c
|
--- a/libselinux/src/booleans.c
|
||||||
|
|||||||
@ -8,7 +8,7 @@
|
|||||||
Summary: SELinux library and simple utilities
|
Summary: SELinux library and simple utilities
|
||||||
Name: libselinux
|
Name: libselinux
|
||||||
Version: 2.1.11
|
Version: 2.1.11
|
||||||
Release: 3%{?dist}
|
Release: 4%{?dist}
|
||||||
License: Public Domain
|
License: Public Domain
|
||||||
Group: System Environment/Libraries
|
Group: System Environment/Libraries
|
||||||
Source: %{name}-%{version}.tgz
|
Source: %{name}-%{version}.tgz
|
||||||
@ -233,6 +233,10 @@ rm -rf %{buildroot}
|
|||||||
%{ruby_sitearch}/selinux.so
|
%{ruby_sitearch}/selinux.so
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Jul 31 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-4
|
||||||
|
- Ensure that we only close the selinux netlink socket once.
|
||||||
|
- Taken from our Android libselinux tree. From Stephen Smalley
|
||||||
|
|
||||||
* Mon Jul 16 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-3
|
* Mon Jul 16 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-3
|
||||||
- Move the tmpfiles.d content from /etc/tmpfiles.d to /usr/lib/tmpfiles.d
|
- Move the tmpfiles.d content from /etc/tmpfiles.d to /usr/lib/tmpfiles.d
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user