git.samba.org - sfrench/cifs-2.6.git/commit

git.samba.org / sfrench / cifs-2.6.git / commit

author	Paul Moore <paul@paul-moore.com>
	Mon, 28 Sep 2020 02:38:26 +0000 (22:38 -0400)
committer	Paul Moore <paul@paul-moore.com>
	Mon, 23 Nov 2020 23:36:21 +0000 (18:36 -0500)
commit	3df98d79215ace13d1e91ddfc5a67a0f5acbd83f
tree	3e0db692f0d85f9a73ec0e2dd4298bda62f57b8b	tree
parent	b2d99bcb27225fe420a8923b21861aef2bb43d9b	commit \| diff

lsm,selinux: pass flowi_common instead of flowi to the LSM hooks

As pointed out by Herbert in a recent related patch, the LSM hooks do
not have the necessary address family information to use the flowi
struct safely. As none of the LSMs currently use any of the protocol
specific flowi information, replace the flowi pointers with pointers
to the address family independent flowi_common struct.

Reported-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: James Morris <jamorris@linux.microsoft.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>

33 files changed:

drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c		diff \| blob \| history
drivers/net/wireguard/socket.c		diff \| blob \| history
include/linux/lsm_hook_defs.h		diff \| blob \| history
include/linux/lsm_hooks.h		diff \| blob \| history
include/linux/security.h		diff \| blob \| history
include/net/flow.h		diff \| blob \| history
include/net/route.h		diff \| blob \| history
net/dccp/ipv4.c		diff \| blob \| history
net/dccp/ipv6.c		diff \| blob \| history
net/ipv4/icmp.c		diff \| blob \| history
net/ipv4/inet_connection_sock.c		diff \| blob \| history
net/ipv4/ip_output.c		diff \| blob \| history
net/ipv4/ping.c		diff \| blob \| history
net/ipv4/raw.c		diff \| blob \| history
net/ipv4/syncookies.c		diff \| blob \| history
net/ipv4/udp.c		diff \| blob \| history
net/ipv6/af_inet6.c		diff \| blob \| history
net/ipv6/datagram.c		diff \| blob \| history
net/ipv6/icmp.c		diff \| blob \| history
net/ipv6/inet6_connection_sock.c		diff \| blob \| history
net/ipv6/netfilter/nf_reject_ipv6.c		diff \| blob \| history
net/ipv6/ping.c		diff \| blob \| history
net/ipv6/raw.c		diff \| blob \| history
net/ipv6/syncookies.c		diff \| blob \| history
net/ipv6/tcp_ipv6.c		diff \| blob \| history
net/ipv6/udp.c		diff \| blob \| history
net/l2tp/l2tp_ip6.c		diff \| blob \| history
net/netfilter/nf_synproxy_core.c		diff \| blob \| history
net/xfrm/xfrm_state.c		diff \| blob \| history
security/security.c		diff \| blob \| history
security/selinux/hooks.c		diff \| blob \| history
security/selinux/include/xfrm.h		diff \| blob \| history
security/selinux/xfrm.c		diff \| blob \| history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom