smack: use skb_to_full_sk() helper
This module wants to access sk->sk_security, which is not
available for request sockets.
Fixes: ca6fb06518
("tcp: attach SYNACK messages to request sockets instead of listener")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
54abc686c2
commit
8827d90e29
|
@ -17,6 +17,7 @@
|
||||||
#include <linux/netfilter_ipv4.h>
|
#include <linux/netfilter_ipv4.h>
|
||||||
#include <linux/netfilter_ipv6.h>
|
#include <linux/netfilter_ipv6.h>
|
||||||
#include <linux/netdevice.h>
|
#include <linux/netdevice.h>
|
||||||
|
#include <net/inet_sock.h>
|
||||||
#include "smack.h"
|
#include "smack.h"
|
||||||
|
|
||||||
#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
|
#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
|
||||||
|
@ -25,11 +26,12 @@ static unsigned int smack_ipv6_output(void *priv,
|
||||||
struct sk_buff *skb,
|
struct sk_buff *skb,
|
||||||
const struct nf_hook_state *state)
|
const struct nf_hook_state *state)
|
||||||
{
|
{
|
||||||
|
struct sock *sk = skb_to_full_sk(skb);
|
||||||
struct socket_smack *ssp;
|
struct socket_smack *ssp;
|
||||||
struct smack_known *skp;
|
struct smack_known *skp;
|
||||||
|
|
||||||
if (skb && skb->sk && skb->sk->sk_security) {
|
if (sk && sk->sk_security) {
|
||||||
ssp = skb->sk->sk_security;
|
ssp = sk->sk_security;
|
||||||
skp = ssp->smk_out;
|
skp = ssp->smk_out;
|
||||||
skb->secmark = skp->smk_secid;
|
skb->secmark = skp->smk_secid;
|
||||||
}
|
}
|
||||||
|
@ -42,11 +44,12 @@ static unsigned int smack_ipv4_output(void *priv,
|
||||||
struct sk_buff *skb,
|
struct sk_buff *skb,
|
||||||
const struct nf_hook_state *state)
|
const struct nf_hook_state *state)
|
||||||
{
|
{
|
||||||
|
struct sock *sk = skb_to_full_sk(skb);
|
||||||
struct socket_smack *ssp;
|
struct socket_smack *ssp;
|
||||||
struct smack_known *skp;
|
struct smack_known *skp;
|
||||||
|
|
||||||
if (skb && skb->sk && skb->sk->sk_security) {
|
if (sk && sk->sk_security) {
|
||||||
ssp = skb->sk->sk_security;
|
ssp = sk->sk_security;
|
||||||
skp = ssp->smk_out;
|
skp = ssp->smk_out;
|
||||||
skb->secmark = skp->smk_secid;
|
skb->secmark = skp->smk_secid;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue