Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-11-21 19:41:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Two fixes for Smack networking by Konstantin Andreev.

Browse Source 
-----BEGIN PGP SIGNATURE-----
 
 iQJLBAABCAA1FiEEC+9tH1YyUwIQzUIeOKUVfIxDyBEFAmaVq5MXHGNhc2V5QHNj
 aGF1Zmxlci1jYS5jb20ACgkQOKUVfIxDyBGMLRAApV/C/OzwNgaAW37gWSns8TIM
 m0ylo/8BJmbRaxIgaX1ryBBK0q1WF/EyKkmgGmeXLpphyjwfx4ngHnfikhj0Uf0f
 3NZ59e8avhvp0v5mXpu6+InbD0y8PxWHDhPXCSqpxQIPnQe3x/XD2vQq5xmIVmAU
 sXaiD3UXkRlgQ+dHYkfYgbMPmFc+YGtFgAgFLqXEJybqF/ViaIiptgjapArwfLox
 tvEsBpKktm0Ku5qkPfMqQoST+7fWTj2UBg9nOgYo1vLs7OnfeUIkPUQHi+YphYoW
 F48TrjfR7jvoMt74l3ASqTrSfvsvs2WE+le8kHsPn2HT5FKzYLqeMGQZaRd/5Kvb
 /wXJJSUTLfyLX049c7F2tlFy2SsHAYITn9GLNK6bxeZep6HtR9/DBxRiJCxS7hSY
 iNrdatNdBZ6G1lCtlA4b41FkrmHqekgi4P5RV5yTC8SpVbeS4cQtbWbDECK5QSgA
 H5F1jZ1bqjp5bvhNqQa2mS3oEJvJU9wREycI9sspb8IXick0MPypPF4EdiweUuX0
 +/rfynL9U938LyT0kaXD8TSelqtjvpvA+qmBqFLrxGFlMTnUUnf8P/GOPe1XavYg
 RUKCZGWcmhLDlPZWI8aofqfDm/SB5cgZhcEM0z139iIV5lVS/ROaFoAVDdsTn7Dt
 /hOSnMUyDxrBqPmyntc=
 =i4ll
 -----END PGP SIGNATURE-----

Merge tag 'Smack-for-6.10' of https://github.com/cschaufler/smack-next

Pull smack updates from Casey Schaufler:
 "Two fixes for Smack networking labeling by Konstantin Andreev"

* tag 'Smack-for-6.10' of https://github.com/cschaufler/smack-next:
  smack: unix sockets: fix accept()ed socket label
  smack: tcp: ipv4, fix incorrect labeling
This commit is contained in:
Linus Torvalds 2024-07-16 14:56:13 -07:00
commit 42b5a01596
1 changed files with 10 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
security/smack/smack_lsm.c
View File

@ -3871,12 +3871,18 @@ static int smack_unix_stream_connect(struct sock *sock,
}
}
/*
* Cross reference the peer labels for SO_PEERSEC.
*/
if (rc == 0) {
/*
* Cross reference the peer labels for SO_PEERSEC.
*/
nsp->smk_packet = ssp->smk_out;
ssp->smk_packet = osp->smk_out;
/*
* new/child/established socket must inherit listening socket labels
*/
nsp->smk_out = osp->smk_out;
nsp->smk_in = osp->smk_in;
}
return rc;
@ -4456,7 +4462,7 @@ static int smack_inet_conn_request(const struct sock *sk, struct sk_buff *skb,
rcu_read_unlock();
if (hskp == NULL)
rc = netlbl_req_setattr(req, &skp->smk_netlabel);
rc = netlbl_req_setattr(req, &ssp->smk_out->smk_netlabel);
else
netlbl_req_delattr(req);