dccp/tcp: Call security_inet_conn_request() after setting IPv6 addresses.
stable inclusion from stable-v4.19.299 commit 8b3639cb78a1a45eeb85df92aba93cc459b6175b category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I8MCB5 CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=8b3639cb78a1a45eeb85df92aba93cc459b6175b -------------------------------- [ Upstream commit 23be1e0e2a83a8543214d2599a31d9a2185a796b ] Initially, commit 4237c75c ("[MLSXFRM]: Auto-labeling of child sockets") introduced security_inet_conn_request() in some functions where reqsk is allocated. The hook is added just after the allocation, so reqsk's IPv6 remote address was not initialised then. However, SELinux/Smack started to read it in netlbl_req_setattr() after commit e1adea92 ("calipso: Allow request sockets to be relabelled by the lsm."). Commit 284904aa ("lsm: Relocate the IPv4 security_inet_conn_request() hooks") fixed that kind of issue only in TCPv4 because IPv6 labeling was not supported at that time. Finally, the same issue was introduced again in IPv6. Let's apply the same fix on DCCPv6 and TCPv6. Fixes: e1adea92 ("calipso: Allow request sockets to be relabelled by the lsm.") Signed-off-by:Kuniyuki Iwashima <kuniyu@amazon.com> Acked-by:
Loading
Please sign in to comment