summaryrefslogtreecommitdiff
path: root/net
diff options
context:
space:
mode:
authorPaul Moore <paul@paul-moore.com>2021-11-12 18:18:10 -0500
committerDavid S. Miller <davem@davemloft.net>2021-11-14 12:21:53 +0000
commit1aa3b2207e889a948049c9a8016cedb0218c2389 (patch)
tree4eea6531e19576f50262897e2a673b2f9efff056 /net
parent70701b83e208767f2720d8cd3e6a62cddafb3a30 (diff)
downloadlwn-1aa3b2207e889a948049c9a8016cedb0218c2389.tar.gz
lwn-1aa3b2207e889a948049c9a8016cedb0218c2389.zip
net,lsm,selinux: revert the security_sctp_assoc_established() hook
This patch reverts two prior patches, e7310c94024c ("security: implement sctp_assoc_established hook in selinux") and 7c2ef0240e6a ("security: add sctp_assoc_established hook"), which create the security_sctp_assoc_established() LSM hook and provide a SELinux implementation. Unfortunately these two patches were merged without proper review (the Reviewed-by and Tested-by tags from Richard Haines were for previous revisions of these patches that were significantly different) and there are outstanding objections from the SELinux maintainers regarding these patches. Work is currently ongoing to correct the problems identified in the reverted patches, as well as others that have come up during review, but it is unclear at this point in time when that work will be ready for inclusion in the mainline kernel. In the interest of not keeping objectionable code in the kernel for multiple weeks, and potentially a kernel release, we are reverting the two problematic patches. Signed-off-by: Paul Moore <paul@paul-moore.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
-rw-r--r--net/sctp/sm_statefuns.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/net/sctp/sm_statefuns.c b/net/sctp/sm_statefuns.c
index 39ba82ee87ce..354c1c4de19b 100644
--- a/net/sctp/sm_statefuns.c
+++ b/net/sctp/sm_statefuns.c
@@ -946,7 +946,7 @@ enum sctp_disposition sctp_sf_do_5_1E_ca(struct net *net,
sctp_add_cmd_sf(commands, SCTP_CMD_INIT_COUNTER_RESET, SCTP_NULL());
/* Set peer label for connection. */
- security_sctp_assoc_established((struct sctp_association *)asoc, chunk->skb);
+ security_inet_conn_established(ep->base.sk, chunk->skb);
/* RFC 2960 5.1 Normal Establishment of an Association
*