On Tue, 29 Aug 2006, [EMAIL PROTECTED] wrote:
> +void selinux_netlbl_sk_security_init(struct sk_security_struct *ssec,
> + int family)
> +{
> + if (family == PF_INET)
No tab.
> + ssec->nlbl_state = NLBL_REQUIRE;
> + else
> + ssec->nlbl_state = NLBL_UNSET;
> +}
It doesn't look like this code handles ipv4 packets mapped on ipv6
sockets. See the test elsewhere in the SELinux code:
if (family == PF_INET6 && skb->protocol == ntohs(ETH_P_IP))
Also, can you verify that you've tested these fixes and that they resolve
all issues that you've encountered?
--
James Morris
<[EMAIL PROTECTED]>
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
