summaryrefslogtreecommitdiff
path: root/security/selinux/hooks.c
diff options
context:
space:
mode:
authorMaarten Lankhorst <maarten.lankhorst@linux.intel.com>2019-05-28 09:38:59 +0200
committerMaarten Lankhorst <maarten.lankhorst@linux.intel.com>2019-05-28 09:39:08 +0200
commit4672b1d65fc9b5a5ded911fbebb4853b892d5d89 (patch)
tree4ddeeb9fd195ce85f0f49525b94c39bdee8b94d9 /security/selinux/hooks.c
parentcf57fdc8e42bd88dae1213a2bbe683d4b6c2190b (diff)
parent14ee642c2ab0a3d8a1ded11fade692d8b77172b9 (diff)
Merge remote-tracking branch 'drm/drm-next' into drm-misc-next
This picks up rc2 for us as well. Signed-off-by: Maarten Lankhorst <maarten.lankhorst@linux.intel.com>
Diffstat (limited to 'security/selinux/hooks.c')
-rw-r--r--security/selinux/hooks.c10
1 files changed, 8 insertions, 2 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index c61787b15f27..3ec702cf46ca 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -4637,6 +4637,14 @@ static int selinux_socket_connect_helper(struct socket *sock,
err = sock_has_perm(sk, SOCKET__CONNECT);
if (err)
return err;
+ if (addrlen < offsetofend(struct sockaddr, sa_family))
+ return -EINVAL;
+
+ /* connect(AF_UNSPEC) has special handling, as it is a documented
+ * way to disconnect the socket
+ */
+ if (address->sa_family == AF_UNSPEC)
+ return 0;
/*
* If a TCP, DCCP or SCTP socket, check name_connect permission
@@ -4657,8 +4665,6 @@ static int selinux_socket_connect_helper(struct socket *sock,
* need to check address->sa_family as it is possible to have
* sk->sk_family = PF_INET6 with addr->sa_family = AF_INET.
*/
- if (addrlen < offsetofend(struct sockaddr, sa_family))
- return -EINVAL;
switch (address->sa_family) {
case AF_INET:
addr4 = (struct sockaddr_in *)address;
generated by cgit v1.2.3 (git 2.46.0) at 2025-12-11 13:33:41 +0000