| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAEjxPJ6bPApxKRYt8KTcPcKez=2=mDV+f8xNF_UfO_jHawi8KQ@mail.gmail.com>
Date: Tue, 29 Jul 2025 10:00:50 -0400
From: Stephen Smalley <stephen.smalley.work@...il.com>
To: Tianjia Zhang <tianjia.zhang@...ux.alibaba.com>
Cc: Paul Moore <paul@...l-moore.com>, Ondrej Mosnacek <omosnace@...hat.com>, selinux@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] selinux: use a consistent method to get full socket from skb
On Tue, Jul 29, 2025 at 5:10 AM Tianjia Zhang
<tianjia.zhang@...ux.alibaba.com> wrote:
>
> In order to maintain code consistency and readability,
> skb_to_full_sk() is used to get full socket from skb.
>
> Signed-off-by: Tianjia Zhang <tianjia.zhang@...ux.alibaba.com>
Acked-by: Stephen Smalley <stephen.smalley.work@...il.com>
> ---
> security/selinux/hooks.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
> index 595ceb314aeb..362f92b2fafb 100644
> --- a/security/selinux/hooks.c
> +++ b/security/selinux/hooks.c
> @@ -5861,7 +5861,7 @@ static unsigned int selinux_ip_output(void *priv, struct sk_buff *skb,
> /* we do this in the LOCAL_OUT path and not the POST_ROUTING path
> * because we want to make sure we apply the necessary labeling
> * before IPsec is applied so we can leverage AH protection */
> - sk = sk_to_full_sk(skb->sk);
> + sk = skb_to_full_sk(skb);
> if (sk) {
> struct sk_security_struct *sksec;
>
> --
> 2.39.5 (Apple Git-154)
>
Powered by blists - more mailing lists