summaryrefslogtreecommitdiff
path: root/README
diff options
context:
space:
mode:
authorXin Long <lucien.xin@gmail.com>2021-11-02 08:02:47 -0400
committerDavid S. Miller <davem@davemloft.net>2021-11-03 11:09:20 +0000
commitc081d53f97a1a90a38e4296dd3d6fda5e38dca2c (patch)
treef26464a1cb69209c3704ad448b23bb82279f8472 /README
parent843c3cbbdf89e8a2801363c3837f43557568d08f (diff)
downloadlinux-next-c081d53f97a1a90a38e4296dd3d6fda5e38dca2c.tar.gz
security: pass asoc to sctp_assoc_request and sctp_sk_clone
This patch is to move secid and peer_secid from endpoint to association, and pass asoc to sctp_assoc_request and sctp_sk_clone instead of ep. As ep is the local endpoint and asoc represents a connection, and in SCTP one sk/ep could have multiple asoc/connection, saving secid/peer_secid for new asoc will overwrite the old asoc's. Note that since asoc can be passed as NULL, security_sctp_assoc_request() is moved to the place right after the new_asoc is created in sctp_sf_do_5_1B_init() and sctp_sf_do_unexpected_init(). v1->v2: - fix the description of selinux_netlbl_skbuff_setsid(), as Jakub noticed. - fix the annotation in selinux_sctp_assoc_request(), as Richard Noticed. Fixes: 72e89f50084c ("security: Add support for SCTP security hooks") Reported-by: Prashanth Prahlad <pprahlad@redhat.com> Reviewed-by: Richard Haines <richard_c_haines@btinternet.com> Tested-by: Richard Haines <richard_c_haines@btinternet.com> Signed-off-by: Xin Long <lucien.xin@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'README')
0 files changed, 0 insertions, 0 deletions