[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20211022083558.5fce8039@kicinski-fedora-pc1c0hjn.dhcp.thefacebook.com>
Date: Fri, 22 Oct 2021 08:35:58 -0700
From: Jakub Kicinski <kuba@...nel.org>
To: Xin Long <lucien.xin@...il.com>
Cc: network dev <netdev@...r.kernel.org>, selinux@...r.kernel.org,
linux-security-module@...r.kernel.org, linux-sctp@...r.kernel.org,
davem@...emloft.net,
Marcelo Ricardo Leitner <marcelo.leitner@...il.com>,
James Morris <jmorris@...ei.org>,
Paul Moore <paul@...l-moore.com>,
Richard Haines <richard_c_haines@...nternet.com>,
Ondrej Mosnacek <omosnace@...hat.com>
Subject: Re: [PATCH net 1/4] security: pass asoc to sctp_assoc_request and
sctp_sk_clone
On Fri, 22 Oct 2021 02:36:09 -0400 Xin Long wrote:
> This patch is to move secid and peer_secid from endpoint to association,
> and pass asoc to sctp_assoc_request and sctp_sk_clone instead of ep. As
> ep is the local endpoint and asoc represents a connection, and in SCTP
> one sk/ep could have multiple asoc/connection, saving secid/peer_secid
> for new asoc will overwrite the old asoc's.
>
> Note that since asoc can be passed as NULL, security_sctp_assoc_request()
> is moved to the place right after the new_asoc is created in
> sctp_sf_do_5_1B_init() and sctp_sf_do_unexpected_init().
>
> Fixes: 72e89f50084c ("security: Add support for SCTP security hooks")
> Reported-by: Prashanth Prahlad <pprahlad@...hat.com>
> Signed-off-by: Xin Long <lucien.xin@...il.com>
missed one?
security/selinux/netlabel.c:274: warning: Function parameter or member
'asoc' not described in 'selinux_netlbl_sctp_assoc_request'
security/selinux/netlabel.c:274: warning: Excess function parameter 'ep' description in 'selinux_netlbl_sctp_assoc_request'
Powered by blists - more mailing lists