The current partial labeling was introduced in
commit 389fb800ac8be2832efedd19978a2b8ced37eb61
due to the fact that IPv6 labeling was not
supported yet at the time.
Signed-off-by: Guido Trentalancia <guido@xxxxxxxxxxxxxxxx>
---
security/selinux/netlabel.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security/selinux/netlabel.c b/security/selinux/netlabel.c
index 55885634e880..f6846cbdd977 100644
--- a/security/selinux/netlabel.c
+++ b/security/selinux/netlabel.c
@@ -358,7 +358,7 @@ void selinux_netlbl_inet_csk_clone(struct sock *sk, u16 family)
{
struct sk_security_struct *sksec = sk->sk_security;
- if (family == PF_INET)
+ if (family == PF_INET || family == PF_INET6)
sksec->nlbl_state = NLBL_LABELED;
else
sksec->nlbl_state = NLBL_UNSET;
--
2.19.5
