From 3bf9ae2ac653feb86532fdaa88dc6f76d22e8efb Mon Sep 17 00:00:00 2001
From: Linus Torvalds <torvalds@linux-foundation.org>
Date: Sun, 22 Feb 2009 16:26:09 -0800
Subject: [PATCH] --- yaml --- r: 131683 b: refs/heads/master c:
 8310509252c51e2a0e9effb50fefe7e098a67868 h: refs/heads/master i:   131681:
 75ff5d314780b58ec0ea272891ca51390d9983de   131679:
 323eeaf9275ee79705317a9aa2fc0abfe4c67afe v: v3

---
 [refs]                            | 2 +-
 trunk/net/ipv4/cipso_ipv4.c       | 9 +++++++--
 trunk/security/selinux/netlabel.c | 4 +++-
 3 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/[refs] b/[refs]
index 35865385f9e9..a97391440d33 100644
--- a/[refs]
+++ b/[refs]
@@ -1,2 +1,2 @@
 ---
-refs/heads/master: 5004417d840e6dcb0052061fd04569b9c9f037a8
+refs/heads/master: 8310509252c51e2a0e9effb50fefe7e098a67868
diff --git a/trunk/net/ipv4/cipso_ipv4.c b/trunk/net/ipv4/cipso_ipv4.c
index 6bb2635b5ded..7bc992976d29 100644
--- a/trunk/net/ipv4/cipso_ipv4.c
+++ b/trunk/net/ipv4/cipso_ipv4.c
@@ -3,11 +3,16 @@
  *
  * This is an implementation of the CIPSO 2.2 protocol as specified in
  * draft-ietf-cipso-ipsecurity-01.txt with additional tag types as found in
- * FIPS-188, copies of both documents can be found in the Documentation
- * directory.  While CIPSO never became a full IETF RFC standard many vendors
+ * FIPS-188.  While CIPSO never became a full IETF RFC standard many vendors
  * have chosen to adopt the protocol and over the years it has become a
  * de-facto standard for labeled networking.
  *
+ * The CIPSO draft specification can be found in the kernel's Documentation
+ * directory as well as the following URL:
+ *   http://netlabel.sourceforge.net/files/draft-ietf-cipso-ipsecurity-01.txt
+ * The FIPS-188 specification can be found at the following URL:
+ *   http://www.itl.nist.gov/fipspubs/fip188.htm
+ *
  * Author: Paul Moore <paul.moore@hp.com>
  *
  */
diff --git a/trunk/security/selinux/netlabel.c b/trunk/security/selinux/netlabel.c
index f58701a7b728..3f4b26647386 100644
--- a/trunk/security/selinux/netlabel.c
+++ b/trunk/security/selinux/netlabel.c
@@ -490,8 +490,10 @@ int selinux_netlbl_socket_setsockopt(struct socket *sock,
 		lock_sock(sk);
 		rc = netlbl_sock_getattr(sk, &secattr);
 		release_sock(sk);
-		if (rc == 0 && secattr.flags != NETLBL_SECATTR_NONE)
+		if (rc == 0)
 			rc = -EACCES;
+		else if (rc == -ENOMSG)
+			rc = 0;
 		netlbl_secattr_destroy(&secattr);
 	}