Re: [PATCH v2] net/unix: Add secdata to unix_stream msgs

From: Paul Moore
Date: Wed Mar 23 2011 - 18:16:54 EST

Next message: Florian Tobias Schandinat: "viafb clock patches - first round"
Previous message: richard -rw- weinberger: "Re: Corrupted files after suspend to disk"
In reply to: Pat Kane: "Re: [PATCH v2] net/unix: Add secdata to unix_stream msgs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wednesday, March 23, 2011 4:23:35 PM Pat Kane wrote:
> >> On Tue, 2011-03-22 at 19:32 -0700, David Miller wrote:
> >>> The SELINUX hook implementations even have "_dgram()" in their names.
>
> The LSM hook that I am having problems with, and that the patch fixes
> is "secid_to_secctx()" not "socket_getpeersec_dgram()".

Can you explain the problem you are having? I'm specifically interested in
who is calling secid_to_secctx() on a AF_UNIX stream packet.

Adding the secid token to a AF_UNIX stream packet isn't likely to be the right
solution, although until we hear what the core problem is, I'm not sure we can
offer any fixes.

--
paul moore
linux @ hp
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Florian Tobias Schandinat: "viafb clock patches - first round"
Previous message: richard -rw- weinberger: "Re: Corrupted files after suspend to disk"
In reply to: Pat Kane: "Re: [PATCH v2] net/unix: Add secdata to unix_stream msgs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]