SELinux: Return correct context for SO_PEERSEC
Fix SO_PEERSEC for tcp sockets to return the security context of the peer (as represented by the SA from the peer) as opposed to the SA used by the local/source socket. Signed-off-by: Venkat Yekkirala <vyekkirala@TrustedCS.com> Signed-off-by: James Morris <jmorris@namei.org>
This commit is contained in:
Venkat Yekkirala
committed by
David S. Miller
David S. Miller
parent
c1a856c964
commit
6b877699c6
@@ -4230,6 +4230,8 @@ static int tcp_rcv_synsent_state_process(struct sock *sk, struct sk_buff *skb,
|
||||
mb();
|
||||
tcp_set_state(sk, TCP_ESTABLISHED);
|
||||
|
||||
security_inet_conn_established(sk, skb);
|
||||
|
||||
/* Make sure socket is routed, for correct metrics. */
|
||||
icsk->icsk_af_ops->rebuild_header(sk);
|
||||
|
||||
|
||||
Reference in New Issue
Block a user