From: Paul Moore <pmoore@redhat.com>
To: linux-s390@vger.kernel.org
Cc: netdev@vger.kernel.org, linux-security-module@vger.kernel.org,
selinux@tycho.nsa.gov
Subject: [PATCH] iucv: properly clone LSM attributes to newly created child sockets
Date: Thu, 09 Jun 2016 08:59:53 -0400 [thread overview]
Message-ID: <146547719343.9258.4899338680484754606.stgit@localhost> (raw)
From: Paul Moore <paul@paul-moore.com>
Much like we had to do for AF_BLUETOOTH and AF_ALG, make sure we
properly clone the parent socket's LSM attributes to newly created
child sockets.
Signed-off-by: Paul Moore <paul@paul-moore.com>
---
net/iucv/af_iucv.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/net/iucv/af_iucv.c b/net/iucv/af_iucv.c
index fc3598a..a0d1e36 100644
--- a/net/iucv/af_iucv.c
+++ b/net/iucv/af_iucv.c
@@ -22,6 +22,7 @@
#include <linux/skbuff.h>
#include <linux/init.h>
#include <linux/poll.h>
+#include <linux/security.h>
#include <net/sock.h>
#include <asm/ebcdic.h>
#include <asm/cpcmd.h>
@@ -530,8 +531,10 @@ static void iucv_sock_close(struct sock *sk)
static void iucv_sock_init(struct sock *sk, struct sock *parent)
{
- if (parent)
+ if (parent) {
sk->sk_type = parent->sk_type;
+ security_sk_clone(parent, sk);
+ }
}
static struct sock *iucv_sock_alloc(struct socket *sock, int proto, gfp_t prio, int kern)
next reply other threads:[~2016-06-09 12:59 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-06-09 12:59 Paul Moore [this message]
2016-06-09 13:01 ` [PATCH] iucv: properly clone LSM attributes to newly created child sockets Paul Moore
2016-06-09 19:01 ` David Miller
[not found] <OFBFC201CF.D9C45214-ONC1257FCD.0059BB30-C1257FCD.0059C94A@notes.na.collabserv.com>
2016-06-13 10:08 ` Ursula Braun
2016-06-13 12:38 ` Paul Moore
2016-06-13 14:38 ` Ursula Braun
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=146547719343.9258.4899338680484754606.stgit@localhost \
--to=pmoore@redhat.com \
--cc=linux-s390@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.