linux-sg2042/net
Paul Moore c6387a8694 [NetLabel]: Verify sensitivity level has a valid CIPSO mapping
The current CIPSO engine has a problem where it does not verify that
the given sensitivity level has a valid CIPSO mapping when the "std"
CIPSO DOI type is used.  The end result is that bad packets are sent
on the wire which should have never been sent in the first place.
This patch corrects this problem by verifying the sensitivity level
mapping similar to what is done with the category mapping.  This patch
also changes the returned error code in this case to -EPERM to better
match what the category mapping verification code returns.

Signed-off-by: Paul Moore <paul.moore@hp.com>
Acked-by: James Morris <jmorris@namei.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-03-02 20:37:36 -08:00
..
802 [PATCH] remove many unneeded #includes of sched.h 2007-02-14 08:09:54 -08:00
8021q [PATCH] mark struct file_operations const 7 2007-02-12 09:48:46 -08:00
appletalk [PATCH] sysctl: remove insert_at_head from register_sysctl 2007-02-14 08:09:59 -08:00
atm [PATCH] remove many unneeded #includes of sched.h 2007-02-14 08:09:54 -08:00
ax25 [PATCH] sysctl: remove insert_at_head from register_sysctl 2007-02-14 08:09:59 -08:00
bluetooth [Bluetooth] Make use of device_move() for RFCOMM TTY devices 2007-02-26 11:42:41 -08:00
bridge [BRIDGE]: Fix locking of set path cost. 2007-02-28 09:42:12 -08:00
core [NET]: Fix kfree(skb) 2007-02-28 09:42:14 -08:00
dccp [NET]: Fix kfree(skb) 2007-02-28 09:42:14 -08:00
decnet [PATCH] sysctl: remove the proc_dir_entry member for the sysctl tables 2007-02-14 08:10:00 -08:00
econet [PATCH] remove many unneeded #includes of sched.h 2007-02-14 08:09:54 -08:00
ethernet [PATCH] remove many unneeded #includes of sched.h 2007-02-14 08:09:54 -08:00
ieee80211 Merge branch 'upstream' into upstream-jgarzik 2007-02-17 18:26:09 -05:00
ipv4 [NetLabel]: Verify sensitivity level has a valid CIPSO mapping 2007-03-02 20:37:36 -08:00
ipv6 [IPV6]: /proc/net/anycast6 unbalanced inet6_dev refcnt 2007-02-28 09:42:10 -08:00
ipx [IPX]: Remove ancient changelog 2007-02-28 09:42:06 -08:00
irda [IRDA] net/irda/: proper prototypes 2007-02-26 11:42:43 -08:00
iucv [S390]: Add AF_IUCV socket support 2007-02-08 13:51:54 -08:00
key [XFRM]: Fix OOPSes in xfrm_audit_log(). 2007-02-12 13:53:54 -08:00
lapb [PATCH] remove many unneeded #includes of sched.h 2007-02-14 08:09:54 -08:00
llc [PATCH] sysctl: remove insert_at_head from register_sysctl 2007-02-14 08:09:59 -08:00
netfilter [NET]: Handle disabled preemption in gfp_any() 2007-02-28 09:42:13 -08:00
netlabel [NET]: Fix kfree(skb) 2007-02-28 09:42:14 -08:00
netlink [PATCH] mark struct file_operations const 8 2007-02-12 09:48:46 -08:00
netrom [PATCH] sysctl: remove insert_at_head from register_sysctl 2007-02-14 08:09:59 -08:00
packet [AF_PACKET]: Remove unnecessary casts. 2007-02-26 11:42:45 -08:00
rose [PATCH] sysctl: remove insert_at_head from register_sysctl 2007-02-14 08:09:59 -08:00
rxrpc [PATCH] sysctl: remove insert_at_head from register_sysctl 2007-02-14 08:09:59 -08:00
sched [PATCH] remove many unneeded #includes of sched.h 2007-02-14 08:09:54 -08:00
sctp [SCTP]: Strike the transport before updating rto. 2007-02-26 11:42:50 -08:00
sunrpc [PATCH] Convert highest_possible_processor_id to nr_cpu_ids 2007-02-20 17:10:13 -08:00
tipc [NET] TIPC: Fix whitespace errors. 2007-02-10 23:20:15 -08:00
unix [AF_UNIX]: Test against sk_max_ack_backlog properly. 2007-03-02 20:37:34 -08:00
wanrouter [PATCH] mark struct file_operations const 8 2007-02-12 09:48:46 -08:00
x25 [PATCH] sysctl: remove insert_at_head from register_sysctl 2007-02-14 08:09:59 -08:00
xfrm [NET]: Fix kfree(skb) 2007-02-28 09:42:14 -08:00
Kconfig [S390]: Rewrite of the IUCV base code, part 2 2007-02-08 13:37:42 -08:00
Makefile [S390]: Rewrite of the IUCV base code, part 2 2007-02-08 13:37:42 -08:00
TUNABLE Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
compat.c [PATCH] remove many unneeded #includes of sched.h 2007-02-14 08:09:54 -08:00
nonet.c [PATCH] Make most file operations structs in fs/ const 2006-03-28 09:16:06 -08:00
socket.c [PATCH] AUDIT_FD_PAIR 2007-02-17 21:30:15 -05:00
sysctl_net.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00