linux_dsm_epyc7002/security
Stephen Smalley 911656f8a6 [PATCH] selinux: Fix address length checks in connect hook
This patch fixes the address length checks in the selinux_socket_connect
hook to be no more restrictive than the underlying ipv4 and ipv6 code;
otherwise, this hook can reject valid connect calls.  This patch is in
response to a bug report where an application was calling connect on an
INET6 socket with an address that didn't include the optional scope id and
failing due to these checks.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@redhat.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-07-28 21:46:05 -07:00
..
keys [PATCH] Keys: Base keyring size on key pointer not key struct 2005-07-07 18:23:46 -07:00
selinux [PATCH] selinux: Fix address length checks in connect hook 2005-07-28 21:46:05 -07:00
capability.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
commoncap.c [PATCH] setuid core dump 2005-06-23 09:45:26 -07:00
dummy.c [PATCH] setuid core dump 2005-06-23 09:45:26 -07:00
Kconfig Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
Makefile Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
root_plug.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
seclvl.c [PATCH] sysfs: (rest) if show/store is missing return -EIO 2005-06-20 15:15:03 -07:00
security.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00