linux_dsm_epyc7002/security/selinux
Stephen Smalley 911656f8a6 [PATCH] selinux: Fix address length checks in connect hook
This patch fixes the address length checks in the selinux_socket_connect
hook to be no more restrictive than the underlying ipv4 and ipv6 code;
otherwise, this hook can reject valid connect calls.  This patch is in
response to a bug report where an application was calling connect on an
INET6 socket with an address that didn't include the optional scope id and
failing due to these checks.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@redhat.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-07-28 21:46:05 -07:00
..
include [PATCH] SELinux: default labeling of MLS field 2005-07-28 08:39:02 -07:00
ss [PATCH] SELinux: default labeling of MLS field 2005-07-28 08:39:02 -07:00
avc.c AUDIT: Fix remaining cases of direct logging of untrusted strings by avc_audit 2005-05-24 21:28:28 +01:00
hooks.c [PATCH] selinux: Fix address length checks in connect hook 2005-07-28 21:46:05 -07:00
Kconfig Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
Makefile Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
netif.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
netlink.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
nlmsgtab.c [NETLINK]: Neighbour table configuration and statistics via rtnetlink 2005-06-18 22:50:55 -07:00
selinuxfs.c [PATCH] selinux: kfree cleanup 2005-06-25 16:25:00 -07:00