]> bbs.cooldavid.org Git - net-next-2.6.git/commit
git://bbs.cooldavid.org / net-next-2.6.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 04f6d70) | patch
SELinux: indicate fatal error in compat netfilter code
authorEric Paris <eparis@redhat.com>
Tue, 23 Nov 2010 06:28:08 +0000 (06:28 +0000)
committerDavid S. Miller <davem@davemloft.net>
Tue, 23 Nov 2010 18:50:17 +0000 (10:50 -0800)
commit2fe66ec242d3f76e3b0101f36419e7e5405bcff3
tree2091420d53ae1bf9e7673c2275b36c6b1e6aac1btree | snapshot (tar.bz2 tar.gz zip)
parent04f6d70f6e64900a5d70a5fc199dd9d5fa787738commit | diff
SELinux: indicate fatal error in compat netfilter code

The SELinux ip postroute code indicates when policy rejected a packet and
passes the error back up the stack.  The compat code does not.  This patch
sends the same kind of error back up the stack in the compat code.

Based-on-patch-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Reviewed-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
security/selinux/hooks.c diff | blob | blame | history
Clone of davem's net-next-2.6 tree