On Mon, Aug 26, 2024 at 6:33 AM Guido Trentalancia <guido@xxxxxxxxxxxxxxxx> wrote: > > In function selinux_netlbl_inet_csk_clone() mark > as labeled not only IPv4, but also IPv6 sockets. > > The current partial labeling was introduced in > commit 389fb800ac8be2832efedd19978a2b8ced37eb61 > due to the fact that IPv6 labeling was not > supported yet at the time. > > Signed-off-by: Guido Trentalancia <guido@xxxxxxxxxxxxxxxx> > --- > security/selinux/netlabel.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) Hi Guido, Thanks for your patch, but it appears to be mangled by your email client and doesn't apply cleanly. Can you resend it to the mailing list using a method that doesn't alter the patch? The Linux kernel documentation has some tips on how to submit patches, including configuration options and methods to use with a number of popular email clients: * https://docs.kernel.org/process/submitting-patches.html#no-mime-no-links-no-compression-no-attachments-just-plain-text * https://docs.kernel.org/process/email-clients.html > --- a/security/selinux/netlabel.c 2024-08-25 22:19:37.556414928 > +0200 > +++ b/security/selinux/netlabel.c 2024-08-25 22:20:02.860415642 > +0200 > @@ -358,7 +358,7 @@ void selinux_netlbl_inet_csk_clone(struc > { > struct sk_security_struct *sksec = sk->sk_security; > > - if (family == PF_INET) > + if (family == PF_INET || family == PF_INET6) > sksec->nlbl_state = NLBL_LABELED; > else > sksec->nlbl_state = NLBL_UNSET; -- paul-moore.com
