git.samba.org / sfrench / cifs-2.6.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
selinux: fix the default socket labeling in sock_graft()
[sfrench/cifs-2.6.git] / include / linux / security.h
diff --git a/include/linux/security.h b/include/linux/security.h
index 6478ce3252c7d83fdd853ff2797a54d3cc591db6..794be735ff4ba7e3aad3dcdb473d86bb7b48f43c 100644 (file)
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -987,7 +987,10 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
  *     Retrieve the LSM-specific secid for the sock to enable caching of network
  *     authorizations.
  * @sock_graft:
- *     Sets the socket's isec sid to the sock's sid.
+ *     This hook is called in response to a newly created sock struct being
+ *     grafted onto an existing socket and allows the security module to
+ *     perform whatever security attribute management is necessary for both
+ *     the sock and socket.
  * @inet_conn_request:
  *     Sets the openreq's sid to socket's sid with MLS portion taken from peer sid.
  * @inet_csk_clone:
Unnamed repository; edit this file 'description' to name the repository.