Hello,
Sam Varshavchik wrote:
> Here's an strace of when fd 3 is originally an IPv4 socket, and
> everything goes correctly:
>
> connect(3, {sa_family=AF_INET, sin_port=htons(1080),
> sin_addr=inet_addr("192.168.0.5")}, 16) = -1 EINPROGRESS (Operation now
> in progress)
>
> Now, if the original fd #3 is an IPv6 socket, the connect breaks:
>
> connect(3, {sa_family=AF_INET, sin_port=htons(1080),
> sin_addr=inet_addr("192.168.0.5")}, 28) = -1 EINVAL (Invalid argument)
Note that in the first case the third argument to connect is 16
(sizeof struct sockaddr_in), but in the second case it is 28 (sizeof
struct sockaddr_in6). While the base kernel allows larger sizes
than (sizeof struct sockaddr_in), SELinux performs additional checks
which prohibit this, see e.g. #158234.
> Can anyone tell me why this is _not_ a kernel bug?
It does break existing applications, but the definite specification is
probably SUSv3, which seems to allow this behavior.
Mirek
--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-devel-list
