[PATCHv2 net 0/4] security: fixups for the security hooks in sctp

patchwork-bot+netdevbpf at kernel.org patchwork-bot+netdevbpf at kernel.org
Wed Nov 3 11:20:09 UTC 2021


Hello:

This series was applied to netdev/net.git (master)
by David S. Miller <davem at davemloft.net>:

On Tue,  2 Nov 2021 08:02:46 -0400 you wrote:
> There are a couple of problems in the currect security hooks in sctp:
> 
> 1. The hooks incorrectly treat sctp_endpoint in SCTP as request_sock in
>    TCP, while it's in fact no more than an extension of the sock, and
>    represents the local host. It is created when sock is created, not
>    when a conn request comes. sctp_association is actually the correct
>    one to represent the connection, and created when a conn request
>    arrives.
> 
> [...]

Here is the summary with links:
  - [PATCHv2,net,1/4] security: pass asoc to sctp_assoc_request and sctp_sk_clone
    https://git.kernel.org/netdev/net/c/c081d53f97a1
  - [PATCHv2,net,2/4] security: call security_sctp_assoc_request in sctp_sf_do_5_1D_ce
    https://git.kernel.org/netdev/net/c/e215dab1c490
  - [PATCHv2,net,3/4] security: add sctp_assoc_established hook
    https://git.kernel.org/netdev/net/c/7c2ef0240e6a
  - [PATCHv2,net,4/4] security: implement sctp_assoc_established hook in selinux
    https://git.kernel.org/netdev/net/c/e7310c94024c

You are awesome, thank you!
-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html




More information about the Linux-security-module-archive mailing list