On Mon, Jun 13, 2016 at 6:08 AM, Ursula Braun <ubraun@xxxxxxxxxxxxxxxxxx> wrote:
>> From: Paul Moore <paul@xxxxxxxxxxxxxx>
>>
>> Much like we had to do for AF_BLUETOOTH and AF_ALG, make sure we
>> properly clone the parent socket's LSM attributes to newly created
>> child sockets.
>>
>> Signed-off-by: Paul Moore <paul@xxxxxxxxxxxxxx>
>> ---
>> net/iucv/af_iucv.c | 5 ++++-
>> 1 file changed, 4 insertions(+), 1 deletion(-)
>>
>> diff --git a/net/iucv/af_iucv.c b/net/iucv/af_iucv.c
>> index fc3598a..a0d1e36 100644
>> --- a/net/iucv/af_iucv.c
>> +++ b/net/iucv/af_iucv.c
>> @@ -22,6 +22,7 @@
>> #include <linux/skbuff.h>
>> #include <linux/init.h>
>> #include <linux/poll.h>
>> +#include <linux/security.h>
>> #include <net/sock.h>
>> #include <asm/ebcdic.h>
>> #include <asm/cpcmd.h>
>> @@ -530,8 +531,10 @@ static void iucv_sock_close(struct sock *sk)
>>
>> static void iucv_sock_init(struct sock *sk, struct sock *parent)
>> {
>> - if (parent)
>> + if (parent) {
>> sk->sk_type = parent->sk_type;
>> + security_sk_clone(parent, sk);
>> + }
>> }
>>
>> static struct sock *iucv_sock_alloc(struct socket *sock, int proto,
>> gfp_t prio, int kern)
>
> applied locally - thx. Your patch will now be submitted for inclusion
> into net-next.
Hi Ursula,
For what it's worth, I applied to the selinux#next branch last week,
it should be in the linux-next builds.
* git://git.infradead.org/users/pcmoore/selinux
* http://git.infradead.org/users/pcmoore/selinux
--
paul moore
www.paul-moore.com
_______________________________________________
Selinux mailing list
Selinux@xxxxxxxxxxxxx
To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx.
To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
