On Fri, Mar 2, 2018 at 2:54 PM, Richard Haines
<richard_c_haines@xxxxxxxxxxxxxx> wrote:
> Fix the following error when running regression tests using LTP as follows:
> cd /opt/ltp/
> cat runtest/syscalls |grep connect01>runtest/connect-syscall
> ./runltp -pq -f connect-syscall
>
> Running tests.......
> connect01 1 TPASS : bad file descriptor successful
> connect01 2 TPASS : invalid socket buffer successful
> connect01 3 TPASS : invalid salen successful
> connect01 4 TPASS : invalid socket successful
> connect01 5 TPASS : already connected successful
> connect01 6 TPASS : connection refused successful
> connect01 7 TFAIL : connect01.c:146: invalid address family ;
> returned -1 (expected -1), errno 22 (expected 97)
> INFO: ltp-pan reported some tests FAIL
> LTP Version: 20180118
>
> Reported-by: Anders Roxell <anders.roxell@xxxxxxxxxx>
> Signed-off-by: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
> ---
> security/selinux/hooks.c | 42 ++++++++++++++++++++++++++++++------------
> 1 file changed, 30 insertions(+), 12 deletions(-)
Merged, thanks guys.
> diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
> index 28a5c4e..d614df1 100644
> --- a/security/selinux/hooks.c
> +++ b/security/selinux/hooks.c
> @@ -4470,22 +4470,29 @@ static int selinux_socket_bind(struct socket *sock, struct sockaddr *address, in
> * need to check address->sa_family as it is possible to have
> * sk->sk_family = PF_INET6 with addr->sa_family = AF_INET.
> */
> - if (address->sa_family == AF_INET) {
> - if (addrlen < sizeof(struct sockaddr_in)) {
> - err = -EINVAL;
> - goto out;
> - }
> + switch (address->sa_family) {
> + case AF_INET:
> + if (addrlen < sizeof(struct sockaddr_in))
> + return -EINVAL;
> addr4 = (struct sockaddr_in *)address;
> snum = ntohs(addr4->sin_port);
> addrp = (char *)&addr4->sin_addr.s_addr;
> - } else {
> - if (addrlen < SIN6_LEN_RFC2133) {
> - err = -EINVAL;
> - goto out;
> - }
> + break;
> + case AF_INET6:
> + if (addrlen < SIN6_LEN_RFC2133)
> + return -EINVAL;
> addr6 = (struct sockaddr_in6 *)address;
> snum = ntohs(addr6->sin6_port);
> addrp = (char *)&addr6->sin6_addr.s6_addr;
> + break;
> + default:
> + /* Note that SCTP services expect -EINVAL, whereas
> + * others expect -EAFNOSUPPORT.
> + */
> + if (sksec->sclass == SECCLASS_SCTP_SOCKET)
> + return -EINVAL;
> + else
> + return -EAFNOSUPPORT;
> }
>
> if (snum) {
> @@ -4589,16 +4596,27 @@ static int selinux_socket_connect_helper(struct socket *sock,
> * need to check address->sa_family as it is possible to have
> * sk->sk_family = PF_INET6 with addr->sa_family = AF_INET.
> */
> - if (address->sa_family == AF_INET) {
> + switch (address->sa_family) {
> + case AF_INET:
> addr4 = (struct sockaddr_in *)address;
> if (addrlen < sizeof(struct sockaddr_in))
> return -EINVAL;
> snum = ntohs(addr4->sin_port);
> - } else {
> + break;
> + case AF_INET6:
> addr6 = (struct sockaddr_in6 *)address;
> if (addrlen < SIN6_LEN_RFC2133)
> return -EINVAL;
> snum = ntohs(addr6->sin6_port);
> + break;
> + default:
> + /* Note that SCTP services expect -EINVAL, whereas
> + * others expect -EAFNOSUPPORT.
> + */
> + if (sksec->sclass == SECCLASS_SCTP_SOCKET)
> + return -EINVAL;
> + else
> + return -EAFNOSUPPORT;
> }
>
> err = sel_netport_sid(sk->sk_protocol, snum, &sid);
> --
> 2.14.3
>
--
paul moore
www.paul-moore.com
--
To unsubscribe from this list: send the line "unsubscribe linux-sctp" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
