]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f49d69e) | patch
selinux: vsock: Set SID for socket returned by accept()
authorDavid Brazdil <dbrazdil@google.com>
Fri, 19 Mar 2021 13:05:41 +0000 (13:05 +0000)
committerDavid S. Miller <davem@davemloft.net>
Fri, 19 Mar 2021 20:46:55 +0000 (13:46 -0700)
commitff9ce19a8b7edab8e1acbfbec38973875bbd8ba7
tree28889dce13b4c1cacb2cc563e627f78665887e70tree | snapshot
parentf49d69e1facde4cbb82bdb1d61d627cca088a77acommit | diff
selinux: vsock: Set SID for socket returned by accept()

For AF_VSOCK, accept() currently returns sockets that are unlabelled.
Other socket families derive the child's SID from the SID of the parent
and the SID of the incoming packet. This is typically done as the
connected socket is placed in the queue that accept() removes from.

Reuse the existing 'security_sk_clone' hook to copy the SID from the
parent (server) socket to the child. There is no packet SID in this
case.

Fixes: e9d736dd26b5 ("VSOCK: Introduce VM Sockets")
Signed-off-by: David Brazdil <dbrazdil@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/vmw_vsock/af_vsock.c diff | blob | history
Linux Kernel Source Tree.