2 files changed, 4 insertions, 2 deletions

diff --git a/security/smack/smack.h b/security/smack/smack.h
index 77abe2efacae..73480ee07478 100644
--- a/security/smack/smack.h
+++ b/security/smack/smack.h
@@ -173,6 +173,7 @@ struct smk_port_label {
 	unsigned short		smk_port;	/* the port number */
 	struct smack_known	*smk_in;	/* inbound label */
 	struct smack_known	*smk_out;	/* outgoing label */
+	short			smk_sock_type;	/* Socket type */
 };
 #endif /* SMACK_IPV6_PORT_LABELING */
 
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index b76696b84e5c..5e4d2bdb38cb 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -2635,7 +2635,7 @@ static void smk_ipv6_port_label(struct socket *sock, struct sockaddr *address)
 	 */
 	rcu_read_lock();
 	list_for_each_entry_rcu(spp, &smk_ipv6_port_list, list) {
-		if (spp->smk_port != port)
+		if (spp->smk_port != port || spp->smk_sock_type != sock->type)
 			continue;
 		spp->smk_port = port;
 		spp->smk_sock = sk;
@@ -2656,6 +2656,7 @@ static void smk_ipv6_port_label(struct socket *sock, struct sockaddr *address)
 	spp->smk_sock = sk;
 	spp->smk_in = ssp->smk_in;
 	spp->smk_out = ssp->smk_out;
+	spp->smk_sock_type = sock->type;
 
 	mutex_lock(&smack_ipv6_lock);
 	list_add_rcu(&spp->list, &smk_ipv6_port_list);
@@ -2712,7 +2713,7 @@ static int smk_ipv6_port_check(struct sock *sk, struct sockaddr_in6 *address,
 	port = ntohs(address->sin6_port);
 	rcu_read_lock();
 	list_for_each_entry_rcu(spp, &smk_ipv6_port_list, list) {
-		if (spp->smk_port != port)
+		if (spp->smk_port != port || spp->smk_sock_type != sk->sk_type)
 			continue;
 		object = spp->smk_in;
 		if (act == SMK_CONNECTING)