security: pass asoc to sctp_assoc_request and sctp_sk_clone (c081d53f) · Commits · Mirrors / git.yoctoproject.org / linux-yocto · GitLab

Commit c081d53f authored Nov 02, 2021 by

Xin Long Committed by David S. Miller Nov 03, 2021

security: pass asoc to sctp_assoc_request and sctp_sk_clone



This patch is to move secid and peer_secid from endpoint to association,
and pass asoc to sctp_assoc_request and sctp_sk_clone instead of ep. As
ep is the local endpoint and asoc represents a connection, and in SCTP
one sk/ep could have multiple asoc/connection, saving secid/peer_secid
for new asoc will overwrite the old asoc's.

Note that since asoc can be passed as NULL, security_sctp_assoc_request()
is moved to the place right after the new_asoc is created in
sctp_sf_do_5_1B_init() and sctp_sf_do_unexpected_init().

v1->v2:
  - fix the description of selinux_netlbl_skbuff_setsid(), as Jakub noticed.
  - fix the annotation in selinux_sctp_assoc_request(), as Richard Noticed.

Fixes: 72e89f50 ("security: Add support for SCTP security hooks")
Reported-by: Prashanth Prahlad <pprahlad@redhat.com>
Reviewed-by: Richard Haines <richard_c_haines@btinternet.com>
Tested-by: Richard Haines <richard_c_haines@btinternet.com>
Signed-off-by: Xin Long <lucien.xin@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

parent 843c3cbb

Hide whitespace changes

Inline Side-by-side

mirror @mirror
mentioned in commit 1fa854f6
· Sep 07, 2024

mentioned in commit 1fa854f6

mentioned in commit 1fa854f65aaffad39f4505664e02566ccca84b83

Toggle commit list
mirror @mirror
mentioned in commit d1e52a7e
· Sep 08, 2024

mentioned in commit d1e52a7e

mentioned in commit d1e52a7e5bb3375bd5954468d0421ed34a1bf045

Toggle commit list
mirror @mirror
mentioned in commit b65116be
· Sep 08, 2024

mentioned in commit b65116be

mentioned in commit b65116bee7b5e6fddf380310dbba03ad32c494e1

Toggle commit list

Please register or to comment