From mboxrd@z Thu Jan 1 00:00:00 1970
Received: from goalie.tycho.ncsc.mil (goalie [144.51.242.250]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id u7LHWnrU017931 for ; Sun, 21 Aug 2016 13:32:49 -0400
Message-ID: <1471800708.2544.5.camel@trentalancia.net>
Subject: Re: [PATCH] Differentiate between Unix Stream Socket and Sequential Packet Socket
From: Guido Trentalancia
To: Paul Moore
Cc: selinux@tycho.nsa.gov
Date: Sun, 21 Aug 2016 19:31:48 +0200
In-Reply-To:
References: <1471709886.22998.1.camel@trentalancia.net> <89E5C3EA-9794-4496-A195-1C997A5BBF44@trentalancia.net> <43BE5B4F-9AE4-4EDB-825A-F1C15042B385@trentalancia.net>
Content-Type: text/plain; charset="UTF-8"
Mime-Version: 1.0
List-Id: "Security-Enhanced Linux \(SELinux\) mailing list"
List-Post:
List-Help:

Hello Paul.

On Sat, 20/08/2016 at 23.24 -0400, Paul Moore wrote:
> On Sat, Aug 20, 2016 at 3:09 PM, Guido Trentalancia
> wrote:
> >
> > Hello Paul!
> >
> > The message subject used in the Reference Policy mailing list is:
> > "Update the lvm module" and it's one of the most recent postings.
> >
> > I haven't yet tried reproducing the problem outside of the system
> > bootup.
> >
> > I believe it happens when cryptsetup uses the user-space interface
> > to the kernel Crypto API.
> >
> > Do you have any idea on the reason why the class is being marked as
> > "socket" instead of "unix_stream_socket" (for sequential packet
> > socket)?
>
> Thanks for the pointer to the thread; that helped.
>
> As far as the socket class is concerned, I wonder if cryptsetup is
> using an AF_ALG socket? Some quick Googling of the cryptsetup source
> repo indicates this may be the case. We don't currently have a
> specific object class for the AF_ALG socket family so it would appear
> as the generic socket class.

There has been a misunderstanding between the socket namespace and style.

Indeed, I was missing something!

I have now posted a new version of the patch (v2) which should properly classify the new socket type.

Best regards,
Guido
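
The classification discussed in this message, as an added example that is not part of the original e-mail and is not the kernel's own code: a simplified user-space model of how a socket's family (namespace) and type (style) together select the SELinux object class. The function name `model_socket_class` is hypothetical, and INET sockets are assumed to use their default protocol.

```c
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>

#ifndef AF_ALG
#define AF_ALG 38 /* Linux value, used only if the libc headers lack it */
#endif

/* Hypothetical model: the family is examined first, the type only within a
 * family that has dedicated classes. Any family without its own class falls
 * through to the generic "socket" class, whatever its type is. */
static const char *model_socket_class(int family, int type)
{
    switch (family) {
    case AF_UNIX:
        switch (type) {
        case SOCK_STREAM:
        case SOCK_SEQPACKET:   /* seqpacket shares the stream class */
            return "unix_stream_socket";
        case SOCK_DGRAM:
            return "unix_dgram_socket";
        }
        break;
    case AF_INET:
    case AF_INET6:
        switch (type) {        /* assumption: default protocol (0) */
        case SOCK_STREAM: return "tcp_socket";
        case SOCK_DGRAM:  return "udp_socket";
        default:          return "rawip_socket";
        }
    }
    return "socket";           /* no family-specific class, e.g. AF_ALG */
}

int main(void)
{
    /* The kernel Crypto API user-space interface opens its sockets as
     * socket(AF_ALG, SOCK_SEQPACKET, 0): same style as a Unix seqpacket
     * socket, different namespace, hence a different class. */
    printf("AF_UNIX/SOCK_SEQPACKET -> %s\n",
           model_socket_class(AF_UNIX, SOCK_SEQPACKET));
    printf("AF_ALG/SOCK_SEQPACKET  -> %s\n",
           model_socket_class(AF_ALG, SOCK_SEQPACKET));
    return 0;
}
```
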