raspi/linux
1
0
Fork 1
mirror of https://github.com/raspberrypi/linux.git synced 2025-12-06 10:00:17 +00:00
Code Issues Projects Releases Wiki Activity

Merge tag 'Smack-for-6.10' of https://github.com/cschaufler/smack-next

Browse Source 
Pull smack updates from Casey Schaufler:
 "Two fixes for Smack networking labeling by Konstantin Andreev"

* tag 'Smack-for-6.10' of https://github.com/cschaufler/smack-next:
  smack: unix sockets: fix accept()ed socket label
  smack: tcp: ipv4, fix incorrect labeling
This commit is contained in:
Linus Torvalds
2024-07-16 14:56:13 -07:00
parent 11ab4cd5ec e86cac0acd
commit 42b5a01596
1 changed files with 10 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
security/smack/smack_lsm.c
View File

@@ -3871,12 +3871,18 @@ static int smack_unix_stream_connect(struct sock *sock,
}
}
/*
* Cross reference the peer labels for SO_PEERSEC.
*/
if (rc == 0) {
/*
* Cross reference the peer labels for SO_PEERSEC.
*/
nsp->smk_packet = ssp->smk_out;
ssp->smk_packet = osp->smk_out;
/*
* new/child/established socket must inherit listening socket labels
*/
nsp->smk_out = osp->smk_out;
nsp->smk_in = osp->smk_in;
}
return rc;
@@ -4456,7 +4462,7 @@ static int smack_inet_conn_request(const struct sock *sk, struct sk_buff *skb,
rcu_read_unlock();
if (hskp == NULL)
rc = netlbl_req_setattr(req, &skp->smk_netlabel);
rc = netlbl_req_setattr(req, &ssp->smk_out->smk_netlabel);
else
netlbl_req_delattr(req);