On Fri, 2006-09-29 at 08:59 -0400, Stephen Smalley wrote:
> On Thu, 2006-09-28 at 23:52 -0400, Joshua Brindle wrote:
> > Venkat Yekkirala wrote:
> > > <snip>
> > > +
> > > + err = avc_has_perm(xfrm_sid, skb->secmark, SECCLASS_PACKET,
> > > + PACKET__FLOW_IN, NULL);
> > > + if (err)
> > > + goto out;
> > > +
> > > + if (xfrm_sid) {
> > > + err = security_transition_sid(xfrm_sid, skb->secmark,
> > > + SECCLASS_PACKET, &trans_sid);
> > > + if (err)
> > > + goto out;
> > > +
> > >
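Review bot: trans_sid is only assigned inside the `if (xfrm_sid)` branch in this fragment, and the lines above `<snip>` are not shown; whatever follows `goto out` needs trans_sid to hold a defined value (presumably skb->secmark) on the xfrm_sid == 0 path as well, or the packet label is unspecified exactly in the no-external-label case. Related: on that same path `avc_has_perm(xfrm_sid, skb->secmark, SECCLASS_PACKET, PACKET__FLOW_IN, NULL)` is called with a zero source SID unless the snipped code already mapped it to the unlabeled SID, so it would help to either show that mapping in the hunk or add a comment above the `avc_has_perm` call stating that xfrm_sid is guaranteed to be a valid (possibly unlabeled) SID at this point.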
> > I thought we weren't doing transitions to label packets anymore per the
> > conference call?
>
> No, transitions are still part of the reconciliation process. By
> default, this just means that we end up with the xfrm_sid (which is what
> you want). But it allows us the freedom to define transitions on the
> secmark label if desired, and those transitions can still yield subject
> labels.
>
This is not consistent with my perception of the decision made in the
conference call. I thought that the secid was either going to be 1) the
secmark label if no external labeling is present or 2) the external
label if it is present. The flow_in permission would be checked between
the external label and the secmark label in either case (unlabeled in
the case of #1).
How is this different from the implementation before the call?
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html