projects / openwrt / staging / blogic.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 446b802) | patch
selinux: look for IPsec labels on both inbound and outbound packets
authorPaul Moore <pmoore@redhat.com>
Tue, 10 Dec 2013 19:57:54 +0000 (14:57 -0500)
committerPaul Moore <pmoore@redhat.com>
Thu, 12 Dec 2013 22:21:31 +0000 (17:21 -0500)
commit817eff718dca4e54d5721211ddde0914428fbb7c
treeaf7ee8d6ca454532624c7148e9f96bd1a67c0cb3tree | snapshot
parent446b802437f285de68ffb8d6fac3c44c3cab5b04commit | diff
selinux: look for IPsec labels on both inbound and outbound packets

Previously selinux_skb_peerlbl_sid() would only check for labeled
IPsec security labels on inbound packets, this patch enables it to
check both inbound and outbound traffic for labeled IPsec security
labels.

Reported-by: Janak Desai <Janak.Desai@gtri.gatech.edu>
Cc: stable@vger.kernel.org
Signed-off-by: Paul Moore <pmoore@redhat.com>
security/selinux/hooks.c diff | blob | history
security/selinux/include/xfrm.h diff | blob | history
security/selinux/xfrm.c diff | blob | history
John Crispins staging tree