• Tetsuo Handa's avatar
    net: Fix security_socket_sendmsg() bypass problem. · c71d8ebe
    Tetsuo Handa authored
    The sendmmsg() introduced by commit 228e548e "net: Add sendmmsg socket system
    call" is capable of sending to multiple different destination addresses.
    
    SMACK is using destination's address for checking sendmsg() permission.
    However, security_socket_sendmsg() is called for only once even if multiple
    different destination addresses are passed to sendmmsg().
    
    Therefore, we need to call security_socket_sendmsg() for each destination
    address rather than only the first destination address.
    
    Since calling security_socket_sendmsg() every time when only single destination
    address was passed to sendmmsg() is a waste of time, omit calling
    security_socket_sendmsg() unless destination address of previous datagram and
    that of current datagram differs.
    Signed-off-by: default avatarTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
    Acked-by: default avatarAnton Blanchard <anton@samba.org>
    Cc: stable <stable@kernel.org> [3.0+]
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    c71d8ebe
socket.c 81.6 KB