projects / platform / kernel / linux-stable.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7a12bcd) | patch
selinux: look for IPsec labels on both inbound and outbound packets
authorPaul Moore <pmoore@redhat.com>
Tue, 10 Dec 2013 19:57:54 +0000 (14:57 -0500)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 8 Jan 2014 17:42:12 +0000 (09:42 -0800)
commit73ec955cd6954d69540c7a761182ee84d2bad189
treed2e9e8a5966067058d959d9bcae6ea77cf6aaf02tree | snapshot
parent7a12bcd95b59dcf1a715827846baa7c81d1946f9commit | diff
selinux: look for IPsec labels on both inbound and outbound packets

commit 817eff718dca4e54d5721211ddde0914428fbb7c upstream.

Previously selinux_skb_peerlbl_sid() would only check for labeled
IPsec security labels on inbound packets, this patch enables it to
check both inbound and outbound traffic for labeled IPsec security
labels.

Reported-by: Janak Desai <Janak.Desai@gtri.gatech.edu>
Signed-off-by: Paul Moore <pmoore@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
security/selinux/hooks.c diff | blob | history
security/selinux/include/xfrm.h diff | blob | history
security/selinux/xfrm.c diff | blob | history
Domain: System / Kernel;