selinux: fix address family in bind() and connect() to match address/port
Since sctp_bindx() and sctp_connectx() can have multiple addresses, sk_family can differ from sa_family. Therefore, selinux_socket_bind() and selinux_socket_connect_helper(), which process sockaddr structure (address and port), should use the address family from that structure too, and not from the socket one. The initialization of the data for the audit record is moved above, in selinux_socket_bind(), so that there is no duplicate changes and code. Fixes: d452930f ("selinux: Add SCTP support") Suggested-by: NPaul Moore <paul@paul-moore.com> Signed-off-by: NAlexey Kodanev <alexey.kodanev@oracle.com> Signed-off-by: NPaul Moore <paul@paul-moore.com>
Showing
想要评论请 注册 或 登录