diff options
author | Venkat Yekkirala <vyekkirala@TrustedCS.com> | 2006-08-04 23:08:56 -0700 |
---|---|---|
committer | David S. Miller <davem@sunset.davemloft.net> | 2006-09-22 14:53:22 -0700 |
commit | 892c141e62982272b9c738b5520ad0e5e1ad7b42 (patch) | |
tree | c8e0c9b3e55106d2cb085a5047b9d02dbbb28653 /net/core | |
parent | 08554d6b33e60aa8ee40bbef94505941c0eefef2 (diff) | |
download | linux-3.10-892c141e62982272b9c738b5520ad0e5e1ad7b42.tar.gz linux-3.10-892c141e62982272b9c738b5520ad0e5e1ad7b42.tar.bz2 linux-3.10-892c141e62982272b9c738b5520ad0e5e1ad7b42.zip |
[MLSXFRM]: Add security sid to sock
This adds security for IP sockets at the sock level. Security at the
sock level is needed to enforce the SELinux security policy for
security associations even when a sock is orphaned (such as in the TCP
LAST_ACK state).
This will also be used to enforce SELinux controls over data arriving
at or leaving a child socket while it's still waiting to be accepted.
Signed-off-by: Venkat Yekkirala <vyekkirala@TrustedCS.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/core')
-rw-r--r-- | net/core/sock.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/net/core/sock.c b/net/core/sock.c index 51fcfbc041a..b67d868649c 100644 --- a/net/core/sock.c +++ b/net/core/sock.c @@ -911,7 +911,7 @@ struct sock *sk_clone(const struct sock *sk, const gfp_t priority) if (newsk != NULL) { struct sk_filter *filter; - memcpy(newsk, sk, sk->sk_prot->obj_size); + sock_copy(newsk, sk); /* SANITY */ sk_node_init(&newsk->sk_node); |