[LSM]: Networking netlink socket capability hooks.

author: James Morris <jmorris@intercode.com.au> 2003-02-06 09:51:56 -0800
committer: James Morris <jmorris@intercode.com.au> 2003-02-06 09:51:56 -0800
commit: d5a9256003294d65d6cd9d162cf29fb852f6569a (patch)
tree: d73c28b196643383a056dba95bb99953c538a765 /net/netlink
parent: 73880d9f50dd54d301c95d8d793404f5bf3e08c6 (diff)
1 files changed, 7 insertions, 1 deletions
diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c
index 499a8c9a9c99..9249dddc9001 100644
--- a/net/netlink/af_netlink.c
+++ b/net/netlink/af_netlink.c
@@ -42,6 +42,7 @@
 #include <linux/proc_fs.h>
 #include <linux/smp_lock.h>
 #include <linux/notifier.h>
+#include <linux/security.h>
 #include <net/sock.h>
 #include <net/scm.h>
 
@@ -636,7 +637,12 @@ static int netlink_sendmsg(struct kiocb *iocb, struct socket *sock,
 	   check them, when this message will be delivered
 	   to corresponding kernel module.   --ANK (980802)
 	 */
-	NETLINK_CB(skb).eff_cap = current->cap_effective;
+
+	err = security_netlink_send(skb);
+	if (err) {
+		kfree_skb(skb);
+		goto out;
+	}
 
 	err = -EFAULT;
 	if (memcpy_fromiovec(skb_put(skb,len), msg->msg_iov, len)) {
author	James Morris <jmorris@intercode.com.au>	2003-02-06 09:51:56 -0800
committer	James Morris <jmorris@intercode.com.au>	2003-02-06 09:51:56 -0800
commit	d5a9256003294d65d6cd9d162cf29fb852f6569a (patch)
tree	d73c28b196643383a056dba95bb99953c538a765 /net/netlink
parent	73880d9f50dd54d301c95d8d793404f5bf3e08c6 (diff)