On Tue, 29 Sep 2020, Paul Moore wrote:

> As pointed out by Herbert in a recent related patch, the LSM hooks
> should pass the address family in addition to the xfrm flow as the
> family information is needed to safely access the flow.
>
> While this is not technically a problem for the current LSM/SELinux
> code as it only accesses fields common to all address families, we
> should still pass the address family so that the LSM hook isn't
> inherently flawed. An alternate solution could be to simply pass
> the LSM secid instead of flow, but this introduces the problem of
> the LSM hook callers sending the wrong secid which would be much
> worse.
>
> Reported-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
> Signed-off-by: Paul Moore <paul@xxxxxxxxxxxxxx>

I'm not keen on adding a parameter which nobody is using. Perhaps a note
in the header instead?

--
James Morris
<jmorris@xxxxxxxxx>