    [NET]: Add sock_create_kern() · e2943dca
    James Morris authored
    Under SELinux, and potentially other LSMs, we need to be able to
    distinguish between user sockets and kernel sockets.  For SELinux
    specifically, kernel sockets need to be specially labeled during creation,
    then bypass access control checks (they are controlled by the kernel
    itself and not subject to SELinux mediation).
    
    This addresses a class of potential issues in SELinux where, for example, 
    a TCP NFS session times out, then the kernel re-establishes an RPC 
    connection upon further user activity.  We do not want such kernel 
    created sockets to be labeled with user security contexts.
    
    sock_create() and sock_create_kern() are wrapper functions, which seems 
    semantically clearer to me than e.g. adding a flag to sock_create().  If 
    you prefer the latter, then let me know.
    
    The patch also adds an argument to the LSM socket creation functions
    indicating whether the socket being created is a kernel socket or not.
security.h 91.6 KB
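
A user-space C model of the design the commit message describes, added here as an illustration and not taken from the patch or the kernel source: the two wrappers named in the message pass a kernel/user flag down to LSM-style hooks, which skip the access check and apply a kernel label when the flag is set. The struct types, SID values, policy rule, hook names and `create_common` are assumptions, and the wrapper signatures are simplified.

```c
#include <errno.h>
#include <stdio.h>

/* Constructed labels; real SELinux SIDs come from the loaded policy. */
enum { SID_UNSET = 0, SID_KERNEL = 1, SID_USER = 100 };

struct task { unsigned sid; };        /* security context of the current task */
struct sock_model { unsigned sid; };  /* label recorded on the socket */

/* Constructed policy: the SID_USER domain may not create sockets itself. */
static int policy_allows_create(unsigned sid) { return sid != SID_USER; }

/* Creation hook with the added 'kern' argument: kernel sockets skip mediation. */
static int hook_socket_create(const struct task *cur, int kern)
{
    if (kern)
        return 0;
    return policy_allows_create(cur->sid) ? 0 : -EACCES;
}

/* Labeling hook: a kernel socket never inherits the calling task's context. */
static void hook_socket_post_create(const struct task *cur,
                                    struct sock_model *s, int kern)
{
    s->sid = kern ? SID_KERNEL : cur->sid;
}

/* Hypothetical shared helper behind both wrappers (name is an assumption). */
static int create_common(const struct task *cur, struct sock_model *s, int kern)
{
    int err = hook_socket_create(cur, kern);
    if (err)
        return err;
    hook_socket_post_create(cur, s, kern);
    return 0;
}

int sock_create(const struct task *cur, struct sock_model *s)
{ return create_common(cur, s, 0); }

int sock_create_kern(const struct task *cur, struct sock_model *s)
{ return create_common(cur, s, 1); }

int main(void)
{
    struct task user = { SID_USER };  /* user activity triggers an RPC reconnect */
    struct sock_model a = { SID_UNSET }, b = { SID_UNSET };
    int ea = sock_create(&user, &a), eb = sock_create_kern(&user, &b);
    printf("sock_create:      err=%d label=%u\n", ea, a.sid);
    printf("sock_create_kern: err=%d label=%u\n", eb, b.sid);
    return 0;
}
```

In the model, the reconnect issued while the user task is current is denied and left unlabeled through `sock_create()`, and succeeds with the kernel label through `sock_create_kern()`.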