Thread (15 messages) 15 messages, 4 authors, 2024-07-26

Re: [PATCH v2 0/2] cipso: make cipso_v4_skbuff_delattr() fully remove the CIPSO options

From: Paul Moore <paul@paul-moore.com>
Date: 2024-06-14 15:08:53
Also in: linux-security-module

On Fri, Jun 14, 2024 at 3:20 AM [off-list ref] wrote:
Hello:

This series was applied to netdev/net.git (main)
by David S. Miller [off-list ref]:
Welp, that was premature based on the testing requests in the other
thread, but what's done is done.

Ondrej, please accelerate the testing if possible as this patchset now
in the netdev tree and it would be good to know if it need a fix or
reverting before the next merge window.
On Fri,  7 Jun 2024 18:07:51 +0200 you wrote:
quoted
This series aims to improve cipso_v4_skbuff_delattr() to fully
remove the CIPSO options instead of just clearing them with NOPs.
That is implemented in the second patch, while the first patch is
a bugfix for cipso_v4_delopt() that the second patch depends on.

Tested using selinux-testsuite a TMT/Beakerlib test from this PR:
https://src.fedoraproject.org/tests/selinux/pull-request/488

[...]
Here is the summary with links:
  - [v2,1/2] cipso: fix total option length computation
    https://git.kernel.org/netdev/net/c/9f3616991233
  - [v2,2/2] cipso: make cipso_v4_skbuff_delattr() fully remove the CIPSO options
    (no matching commit)

You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
-- 
paul-moore.com
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help