[PATCHv2 net 0/4] security: fixups for the security hooks in sctp
patchwork-bot+netdevbpf at kernel.org
patchwork-bot+netdevbpf at kernel.org
Wed Nov 3 11:20:09 UTC 2021
Hello:
This series was applied to netdev/net.git (master)
by David S. Miller <davem at davemloft.net>:
On Tue, 2 Nov 2021 08:02:46 -0400 you wrote:
> There are a couple of problems in the currect security hooks in sctp:
>
> 1. The hooks incorrectly treat sctp_endpoint in SCTP as request_sock in
> TCP, while it's in fact no more than an extension of the sock, and
> represents the local host. It is created when sock is created, not
> when a conn request comes. sctp_association is actually the correct
> one to represent the connection, and created when a conn request
> arrives.
>
> [...]
Here is the summary with links:
- [PATCHv2,net,1/4] security: pass asoc to sctp_assoc_request and sctp_sk_clone
https://git.kernel.org/netdev/net/c/c081d53f97a1
- [PATCHv2,net,2/4] security: call security_sctp_assoc_request in sctp_sf_do_5_1D_ce
https://git.kernel.org/netdev/net/c/e215dab1c490
- [PATCHv2,net,3/4] security: add sctp_assoc_established hook
https://git.kernel.org/netdev/net/c/7c2ef0240e6a
- [PATCHv2,net,4/4] security: implement sctp_assoc_established hook in selinux
https://git.kernel.org/netdev/net/c/e7310c94024c
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
More information about the Linux-security-module-archive
mailing list