lsm,selinux: pass flowi_common instead of flowi to the LSM hooks

As pointed out by Herbert in a recent related patch, the LSM hooks do not have the necessary address family information to use the flowi struct safely. As none of the LSMs currently use any of the protocol specific flowi information, replace the flowi pointers with pointers to the address family independent flowi_common struct. Reported-by: Herbert Xu <herbert@gondor.apana.org.au> Acked-by: James Morris <jamorris@linux.microsoft.com> Signed-off-by: Paul Moore <paul@paul-moore.com> Change-Id: Ic0f16cf514773f473705d48c787527f910943f1a
author: Paul Moore <paul@paul-moore.com> 2020-09-27 22:38:26 -0400
committer: Alexander Grund <flamefire89@gmail.com> 2024-01-02 11:45:03 +0100
commit: 4853041f3f85593509677e90626d14255d91466c (patch)
tree: a9ce3831ef0b62daf330747c60d474e9bc586e2c /security/selinux/hooks.c
parent: 31d4916af0989535bc16e7015eaaf1bd0c7450b6 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 3d24f86b423f..3bac79428c9b 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -4835,9 +4835,9 @@ static void selinux_secmark_refcount_dec(void)
 }
 
 static void selinux_req_classify_flow(const struct request_sock *req,
-				      struct flowi *fl)
+				      struct flowi_common *flic)
 {
-	fl->flowi_secid = req->secid;
+	flic->flowic_secid = req->secid;
 }
 
 static int selinux_tun_dev_alloc_security(void **security)
author	Paul Moore <paul@paul-moore.com>	2020-09-27 22:38:26 -0400
committer	Alexander Grund <flamefire89@gmail.com>	2024-01-02 11:45:03 +0100
commit	4853041f3f85593509677e90626d14255d91466c (patch)
tree	a9ce3831ef0b62daf330747c60d474e9bc586e2c /security/selinux/hooks.c
parent	31d4916af0989535bc16e7015eaaf1bd0c7450b6 (diff)