[redhat-lspp] [RFC] TCP/UDP secpeersec patch
Stephen Smalley
sds at tycho.nsa.gov
Mon Jan 9 18:57:19 UTC 2006
On Mon, 2006-01-09 at 13:41 -0500, Catherine Zhang wrote:
> diff -puN security/selinux/hooks.c~lsm-secpeer security/selinux/hooks.c
> --- linux-2.6.15-rc5-mm2-test/security/selinux/hooks.c~lsm-secpeer 2005-12-22
> 16:58:56.000000000 -0500
> +++ linux-2.6.15-rc5-mm2-test-cxzhang/security/selinux/hooks.c 2005-12-30
> 01:26:51.000000000 -0500
> @@ -289,8 +289,10 @@ static int sk_alloc_security(struct sock
> {
> struct sk_security_struct *ssec;
>
> +#if 0
> if (family != PF_UNIX)
> return 0;
> +#endif
>
> ssec = kzalloc(sizeof(*ssec), priority);
> if (!ssec)
As before, please drop that hunk; it looks like a leftover from older
patches, and it isn't safe to start using sk_security for INET socks
anyway without the clone_tcp_sk diff from the old LSM tree. As it
stands, the above will cause you to leak memory.
--
Stephen Smalley
National Security Agency
More information about the redhat-lspp
mailing list