Re: [PATCHv2 net 0/4] security: fixups for the security hooks in sctp

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello:

This series was applied to netdev/net.git (master)
by David S. Miller <davem@xxxxxxxxxxxxx>:

On Tue,  2 Nov 2021 08:02:46 -0400 you wrote:
> There are a couple of problems in the currect security hooks in sctp:
> 
> 1. The hooks incorrectly treat sctp_endpoint in SCTP as request_sock in
>    TCP, while it's in fact no more than an extension of the sock, and
>    represents the local host. It is created when sock is created, not
>    when a conn request comes. sctp_association is actually the correct
>    one to represent the connection, and created when a conn request
>    arrives.
> 
> [...]

Here is the summary with links:
  - [PATCHv2,net,1/4] security: pass asoc to sctp_assoc_request and sctp_sk_clone
    https://git.kernel.org/netdev/net/c/c081d53f97a1
  - [PATCHv2,net,2/4] security: call security_sctp_assoc_request in sctp_sf_do_5_1D_ce
    https://git.kernel.org/netdev/net/c/e215dab1c490
  - [PATCHv2,net,3/4] security: add sctp_assoc_established hook
    https://git.kernel.org/netdev/net/c/7c2ef0240e6a
  - [PATCHv2,net,4/4] security: implement sctp_assoc_established hook in selinux
    https://git.kernel.org/netdev/net/c/e7310c94024c

You are awesome, thank you!
-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html





[Index of Archives]     [Selinux Refpolicy]     [Linux SGX]     [Fedora Users]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite Camping]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux