[PATCH] NETWORKING: avoid use IPCB in cipso_v4_error
davem at davemloft.net
Tue Feb 19 01:25:44 UTC 2019
From: Nazarov Sergey <s-nazarov at yandex.ru>
Date: Mon, 18 Feb 2019 16:39:11 +0300
> I think, it would not be a good solution, if I will analyze all
> subsystems using icmp_send, because I do not have enough knowledge
> for this. I propose to add a new function, for example,
> ismp_send_safe, something like that:
Please don't do this.
Solve the problem properly by auditing each case, there aren't a lot and
it is not too difficult to see the upcall sites.
More information about the Linux-security-module-archive