SELinux: Return correct context for SO_PEERSEC Fix SO_PEERSEC for tcp sockets to return the security context of the peer (as represented by the SA from the peer) as opposed to the SA used by the local/source socket. Signed-off-by: Venkat Yekkirala <vyekkirala@TrustedCS.com> Signed-off-by: James Morris <jmorris@namei.org>

commit: 6b877699c6f1efede4545bcecc367786a472eedb [log] [tgz]
author: Venkat Yekkirala <vyekkirala@trustedcs.com> Wed Nov 08 17:04:09 2006 -0600
committer: David S. Miller <davem@sunset.davemloft.net> Sat Dec 02 21:21:33 2006 -0800
tree: c0a60dc90578fa9f16d4496e2700bc285eab47c0
parent: c1a856c9640c9ff3d70bbd8214b6a0974609eef8 [diff] [blame]
diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c
index cf06acc..4a8c96c 100644
--- a/net/ipv4/tcp_input.c
+++ b/net/ipv4/tcp_input.c

@@ -4230,6 +4230,8 @@
 		mb();
 		tcp_set_state(sk, TCP_ESTABLISHED);
 
+		security_inet_conn_established(sk, skb);
+
 		/* Make sure socket is routed, for correct metrics.  */
 		icsk->icsk_af_ops->rebuild_header(sk);
commit	6b877699c6f1efede4545bcecc367786a472eedb	[log] [tgz]
author	Venkat Yekkirala <vyekkirala@trustedcs.com>	Wed Nov 08 17:04:09 2006 -0600
committer	David S. Miller <davem@sunset.davemloft.net>	Sat Dec 02 21:21:33 2006 -0800
tree	c0a60dc90578fa9f16d4496e2700bc285eab47c0
parent	c1a856c9640c9ff3d70bbd8214b6a0974609eef8 [diff] [blame]