This is an updated patch for SCTP support that I submitted some time ago [1], so decided to restart and see how this one flies. This patch has been tested on Fedora 25 with kernel 4.8.11 using the targeted policy. It therefore does not require the "support distinctions among all network address families" [2] kernel patch that was submitted last week. The commit message in PATCH [1/1] has pointers for testing this patch. ToDo: 1) Add code to support a policy capability or utilise the "extended_socket_class" [2] depending on how this patch progresses. 2) Produce tests for the selinux testsuite. 3) Produce refpolicy updates. [1] http://marc.info/?l=selinux&m=142227840720255&w=2 [2] http://marc.info/?l=selinux&m=148103642804873&w=2 Richard Haines (1): kernel: Add SELinux SCTP protocol support Documentation/security/SELinux-sctp.txt | 508 ++++++++++++++++++++++++++++++++ include/linux/lsm_hooks.h | 27 ++ include/linux/security.h | 16 + net/sctp/sm_statefuns.c | 12 + net/sctp/socket.c | 16 + security/security.c | 18 ++ security/selinux/Makefile | 2 + security/selinux/hooks.c | 124 +++++++- security/selinux/include/classmap.h | 4 + security/selinux/include/sctp.h | 50 ++++ security/selinux/include/sctp_private.h | 39 +++ security/selinux/netlabel.c | 3 + security/selinux/sctp.c | 194 ++++++++++++ 13 files changed, 1002 insertions(+), 11 deletions(-) create mode 100644 Documentation/security/SELinux-sctp.txt create mode 100644 security/selinux/include/sctp.h create mode 100644 security/selinux/include/sctp_private.h create mode 100644 security/selinux/sctp.c -- 2.9.3 -- To unsubscribe from this list: send the line "unsubscribe linux-sctp" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
