On Tue, Jan 30, 2024 at 6:23 PM Paul Moore <paul@xxxxxxxxxxxxxx> wrote: > > Instead of returning -EINVAL if any type of error occurs, limit > -EINVAL to only those errors caused by passing a bad/invalid socket > or packet/skb. In other cases where everything is correct but there > isn't a valid peer label we return -ENOPROTOOPT. > > This helps make selinux_socket_getpeersec_dgram() more consistent > with selinux_socket_getpeersec_stream(). > > Signed-off-by: Paul Moore <paul@xxxxxxxxxxxxxx> > --- > security/selinux/hooks.c | 14 ++++++++------ > 1 file changed, 8 insertions(+), 6 deletions(-) Merged into selinux/dev. -- paul-moore.com
