android/android_kernel_asus_sm8350
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
898,733 Commits 2 Branches 0 Tags 2 GiB
C 98.1%
Assembly 1.1%
Makefile 0.3%
Shell 0.2%
Python 0.1%
e5a664ef49
Go to file
Kuniyuki Iwashima e5a664ef49 dccp/tcp: Call security_inet_conn_request() after setting IPv6 addresses. 
[ Upstream commit 23be1e0e2a83a8543214d2599a31d9a2185a796b ]

Initially, commit 4237c75c0a ("[MLSXFRM]: Auto-labeling of child
sockets") introduced security_inet_conn_request() in some functions
where reqsk is allocated.  The hook is added just after the allocation,
so reqsk's IPv6 remote address was not initialised then.

However, SELinux/Smack started to read it in netlbl_req_setattr()
after commit e1adea9270 ("calipso: Allow request sockets to be
relabelled by the lsm.").

Commit 284904aa79 ("lsm: Relocate the IPv4 security_inet_conn_request()
hooks") fixed that kind of issue only in TCPv4 because IPv6 labeling was
not supported at that time.  Finally, the same issue was introduced again
in IPv6.

Let's apply the same fix on DCCPv6 and TCPv6.

Fixes: e1adea9270 ("calipso: Allow request sockets to be relabelled by the lsm.")
Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.com>
Acked-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2023-11-20 10:30:15 +01:00
arch powerpc/pseries: fix potential memory leak in init_cpu_associativity() 2023-11-20 10:30:14 +01:00
block block/partition: fix signedness issue for Amiga partitions 2023-07-27 08:37:29 +02:00
certs certs/blacklist_hashes.c: fix const confusion in certs blacklist 2022-06-22 14:11:22 +02:00
crypto X.509: if signature is unsupported skip validation 2023-09-23 10:59:55 +02:00
Documentation firmware: ti_sci: Replace HTTP links with HTTPS ones 2023-11-20 10:30:12 +01:00
drivers Input: synaptics-rmi4 - fix use after free in rmi_unregister_function() 2023-11-20 10:30:15 +01:00
fs f2fs: fix to initialize map.m_pblk in f2fs_precache_extents() 2023-11-20 10:30:14 +01:00
include inet: shrink struct flowi_common 2023-11-20 10:30:15 +01:00
init x86/mm: Initialize text poking earlier 2023-08-08 19:56:36 +02:00
ipc ipc/sem: Fix dangling sem_array access in semtimedop race 2022-12-08 11:23:06 +01:00
kernel genirq/matrix: Exclude managed interrupts in irq_matrix_allocated() 2023-11-20 10:30:08 +01:00
lib kobject: Fix slab-out-of-bounds in fill_kobj_path() 2023-11-08 11:23:38 +01:00
LICENSES LICENSES: Rename other to deprecated 2019-05-03 06:34:32 -06:00
mm vfs: fix readahead(2) on block devices 2023-11-20 10:30:08 +01:00
net dccp/tcp: Call security_inet_conn_request() after setting IPv6 addresses. 2023-11-20 10:30:15 +01:00
samples samples/bpf: Fix buffer overflow in tcp_basertt 2023-07-27 08:37:07 +02:00
scripts modpost: fix tee MODULE_DEVICE_TABLE built on big-endian host 2023-11-20 10:30:14 +01:00
security ima: rework CONFIG_IMA dependency block 2023-10-10 21:46:46 +02:00
sound ASoC: ams-delta.c: use component after check 2023-11-20 10:30:13 +01:00
tools tools: iio: iio_generic_buffer ensure alignment 2023-11-20 10:30:14 +01:00
usr initramfs: restore default compression behavior 2020-04-08 09:08:38 +02:00
virt KVM: Destroy target device if coalesced MMIO unregistration fails 2023-03-11 16:44:01 +01:00
.clang-format clang-format: Update with the latest for_each macro list 2019-08-31 10:00:51 +02:00
.cocciconfig
.get_maintainer.ignore Opt out of scripts/get_maintainer.pl 2019-05-16 10:53:40 -07:00
.gitattributes
.gitignore Modules updates for v5.4 2019-09-22 10:34:46 -07:00
.mailmap ARM: SoC fixes 2019-11-10 13:41:59 -08:00
COPYING
CREDITS MAINTAINERS: Remove Simon as Renesas SoC Co-Maintainer 2019-10-10 08:12:51 -07:00
Kbuild kbuild: do not descend to ./Kbuild when cleaning 2019-08-21 21:03:58 +09:00
Kconfig docs: kbuild: convert docs to ReST and rename to *.rst 2019-06-14 14:21:21 -06:00
MAINTAINERS iio: stx104: Move to addac subdirectory 2023-08-30 16:27:12 +02:00
Makefile Linux 5.4.260 2023-11-08 11:23:43 +01:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.