On Tue, Feb 25, 2020 at 4:51 AM Ondrej Mosnacek <omosnace@xxxxxxxxxx> wrote:
>
> First, the setting of SCTP_EVENTS socket option in sctp_server.c is
> completely wrong -- it assumes little-endian byte order and uses a plain
> int instead of the dedicated sctp_event_subscribe struct.
>
> Second, the usage in sctp_peeloff_server.c is correct, but it may lead
> to errors when the SCTP header definitions are newer than what the
> kernel supports. In such case the size of struct sctp_event_subscribe
> may be higher than the kernel's version and the setsockopt(2) may fail
> with -EINVAL due to the 'optlen > sizeof(struct sctp_event_subscribe)'
> check in net/sctp/socket.c:sctp_setsockopt_events().
>
> To fix this, introduce a common function that does what the
> sctp_peeloff_server's set_subscr_events() did, but also truncates the
> optlen to only those fields that we use.
>
> Fixes: c38b57ffdac4 ("selinux-testsuite: Add SCTP test support")
> Signed-off-by: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Acked-by: Stephen Smalley <sds@xxxxxxxxxxxxx>
