selinux: libsepol: remove dead code in check_avtab_hierarchy_callback()
authorKaiGai Kohei <kaigai@ak.jp.nec.com>
Tue, 16 Feb 2010 23:49:41 +0000 (08:49 +0900)
committerJames Morris <jmorris@namei.org>
Sun, 21 Feb 2010 21:27:41 +0000 (08:27 +1100)
commit2ae3ba39389b51d8502123de0a59374bec899c4d
tree54c552fa9fa6c17b769f6aca3fd438e542b504a4
parent170800088666963de1111d62fb503889c8c82eda
selinux: libsepol: remove dead code in check_avtab_hierarchy_callback()

This patch revert the commit of 7d52a155e38d5a165759dbbee656455861bf7801
which removed a part of type_attribute_bounds_av as a dead code.
However, at that time, we didn't find out the target side boundary allows
to handle some of pseudo /proc/<pid>/* entries with its process's security
context well.

Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>

--
 security/selinux/ss/services.c |   43 ++++++++++++++++++++++++++++++++++++---
 1 files changed, 39 insertions(+), 4 deletions(-)
Signed-off-by: James Morris <jmorris@namei.org>
security/selinux/ss/services.c