torvalds/linux
3
0
Fork 0
mirror of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2026-03-22 07:27:12 +08:00
Code Issues Packages Projects Releases Wiki Activity

selinux: fix a capabilities parsing typo in selinux_bpf_token_capable()

Browse Source 
There was a typo, likely a cut-n-paste bug, where we were checking for
SECCLASS_CAPABILITY instead of SECCLASS_CAPABILITY2.

Fixes: 5473a722f7 ("selinux: add support for BPF token access control")
Reported-by: Christian Göttsche <cgzones@googlemail.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
This commit is contained in:
Paul Moore
2026-01-14 16:00:14 -05:00
parent 5473a722f7
commit b07b6f0c5d
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
security/selinux/hooks.c
View File

@@ -7260,7 +7260,7 @@ static int selinux_bpf_token_capable(const struct bpf_token *token, int cap)
sclass = initns ? SECCLASS_CAPABILITY : SECCLASS_CAP_USERNS;
break;
case 1:
sclass = initns ? SECCLASS_CAPABILITY : SECCLASS_CAP2_USERNS;
sclass = initns ? SECCLASS_CAPABILITY2 : SECCLASS_CAP2_USERNS;
break;
default:
pr_err("SELinux: out of range capability %d\n", cap);