linux/net/dccp
Kuniyuki Iwashima 23be1e0e2a dccp/tcp: Call security_inet_conn_request() after setting IPv6 addresses.
Initially, commit 4237c75c0a ("[MLSXFRM]: Auto-labeling of child
sockets") introduced security_inet_conn_request() in some functions
where reqsk is allocated.  The hook is added just after the allocation,
so reqsk's IPv6 remote address was not initialised then.

However, SELinux/Smack started to read it in netlbl_req_setattr()
after commit e1adea9270 ("calipso: Allow request sockets to be
relabelled by the lsm.").

Commit 284904aa79 ("lsm: Relocate the IPv4 security_inet_conn_request()
hooks") fixed that kind of issue only in TCPv4 because IPv6 labeling was
not supported at that time.  Finally, the same issue was introduced again
in IPv6.

Let's apply the same fix on DCCPv6 and TCPv6.

Fixes: e1adea9270 ("calipso: Allow request sockets to be relabelled by the lsm.")
Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.com>
Acked-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
2023-11-02 12:56:03 +01:00
..
ccids dccp: tfrc: fix doc warnings in tfrc_equation.c 2021-06-10 14:08:49 -07:00
ackvec.c net: dccp: Fix most of the kerneldoc warnings 2020-10-30 12:08:54 -07:00
ackvec.h
ccid.c
ccid.h
dccp.h net: ioctl: Use kernel memory on protocol ioctl callbacks 2023-06-15 22:33:26 -07:00
diag.c
feat.c dccp: Return the correct errno code 2021-02-06 11:15:28 -08:00
feat.h dccp: Remove unused declaration dccp_feat_initialise_sysctls() 2023-07-27 17:16:26 -07:00
input.c
ipv4.c dccp: Call security_inet_conn_request() after setting IPv4 addresses. 2023-11-02 12:55:42 +01:00
ipv6.c dccp/tcp: Call security_inet_conn_request() after setting IPv6 addresses. 2023-11-02 12:56:03 +01:00
ipv6.h ipv6: remove hard coded limitation on ipv6_pinfo 2023-07-24 09:39:31 +01:00
Kconfig
Makefile
minisocks.c tcp: allocate tcp_death_row outside of struct netns_ipv4 2022-01-26 19:00:31 -08:00
options.c
output.c dccp: fix data-race around dp->dccps_mss_cache 2023-08-04 18:27:58 -07:00
proto.c dccp: annotate data-races in dccp_poll() 2023-08-18 19:30:24 -07:00
qpolicy.c net: dccp: Fix most of the kerneldoc warnings 2020-10-30 12:08:54 -07:00
sysctl.c
timer.c tcp: record last received ipv6 flowlabel 2023-10-10 10:02:59 +02:00
trace.h net: dccp: Use memset_startat() for TP zeroing 2021-11-19 11:22:49 +00:00