Re: [PATCH v3] nfnetlink_queue: add security context information

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, May 27, 2015 at 01:12:42PM +0200, Roman Kubiak wrote:
> I think i forgot to mention one important thing the function:
> security_sk_getsecid is not in the kernel yet, i posted a patch to
> add it on the linux-security-module mailing list:
> http://marc.info/?t=143254934900006&r=1&w=2

You shouldn't split the patches between several lists, they are
interdependent and without that context it is normal that people don't
understand your intentions.

So please send the full patchset, Cc'ing the relevant lists so we can
get feedback from both the netfilter and the linux-security
communities.

BTW, another minor nitpick below:

> > diff --git a/net/netfilter/nfnetlink_queue_core.c b/net/netfilter/nfnetlink_queue_core.c
> > index 0b98c74..ae4f520 100644
> > --- a/net/netfilter/nfnetlink_queue_core.c
> > +++ b/net/netfilter/nfnetlink_queue_core.c
> > @@ -278,6 +278,24 @@ nla_put_failure:
> >  	return -1;
> >  }
> >  
> > +static u32 nfqnl_get_sk_secctx(struct sock *sk, char **secdata)
> > +{
> > +	u32 secid = 0;
> > +	u32 seclen = 0;

Merge these two variable declarations in one line.

Thanks.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux