diff for duplicates of <1510696377.2564.24.camel@btinternet.com> diff --git a/a/1.txt b/N1/1.txt index 945be79..834c76c 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -22,7 +22,7 @@ On Mon, 2017-11-13 at 17:40 -0500, Paul Moore wrote: > ... > > > > > +Policy Statements -> > > > +================== +> > > > +========= > > > > +The following class and permissions to support SCTP are > > > > available > > > > within the @@ -53,8 +53,7 @@ On Mon, 2017-11-13 at 17:40 -0500, Paul Moore wrote: No this was off list, however I've copied the relevant bits: > SCTP Socket Option Permissions -> =============================== -> Permissions that are validated on setsockopt(2) calls (note that the +> ===============> Permissions that are validated on setsockopt(2) calls (note that the > sctp_socket SETOPT permission must be allowed): > > This option requires the BINDX_ADDR permission: @@ -76,7 +75,7 @@ like too much. > > > SCTP Bind, Connect and ASCONF Chunk Parameter Permission Checks -> ============================================================== +> =============================== > The hook security_sctp_addr_list() is called by SCTP when processing > various options (@optname) to check permissions required for the list > of ipv4/ipv6 addresses (@address) as follows: @@ -138,8 +137,7 @@ No and no for the 2 above. > > > > > +SCTP Peer Labeling -> > > > +=================== -> > > > +An SCTP socket will only have one peer label assigned to it. +> > > > +=========> > > > +An SCTP socket will only have one peer label assigned to it. > > > > This > > > > will be > > > > +assigned during the establishment of the first association. @@ -274,11 +272,11 @@ Would you prefer me to delete this section ? > > > > + if (err) > > > > + return err; > > > > + -> > > > + if (peer_sid == SECSID_NULL) +> > > > + if (peer_sid = SECSID_NULL) > > > > + peer_sid = SECINITSID_UNLABELED; > > > > + } > > > > + -> > > > + if (sksec->sctp_assoc_state == SCTP_ASSOC_UNSET) { +> > > > + if (sksec->sctp_assoc_state = SCTP_ASSOC_UNSET) { > > > > + sksec->sctp_assoc_state = SCTP_ASSOC_SET; > > > > + > > > > + /* Here as first association on socket. As the @@ -314,8 +312,4 @@ Would you prefer me to delete this section ? > > Yes, I think my comment was the result of faulty SCTP understanding > on my part. -> --- -To unsubscribe from this list: send the line "unsubscribe linux-security-module" in -the body of a message to majordomo at vger.kernel.org -More majordomo info at http://vger.kernel.org/majordomo-info.html +> diff --git a/a/content_digest b/N1/content_digest index df0f4ab..b557c1b 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -2,8 +2,8 @@ "ref\0CAHC9VhShAjQiw-P5vvuULbEZJ7KYHch5ZsnRk=d9vP5kyDvYzQ@mail.gmail.com\0" "ref\01510610721.3652.8.camel@btinternet.com\0" "ref\0CAHC9VhRg9xS=ustdcORVPsb9H18nMEq6A99Y3KyOm2sm6Mo5xg@mail.gmail.com\0" - "From\0richard_c_haines@btinternet.com (Richard Haines)\0" - "Subject\0[RFC PATCH 5/5] selinux: Add SCTP support\0" + "From\0Richard Haines <richard_c_haines@btinternet.com>\0" + "Subject\0Re: [RFC PATCH 5/5] selinux: Add SCTP support\0" "Date\0Tue, 14 Nov 2017 21:52:57 +0000\0" "To\0linux-security-module@vger.kernel.org\0" "\00:1\0" @@ -32,7 +32,7 @@ "> ...\n" "> \n" "> > > > +Policy Statements\n" - "> > > > +==================\n" + "> > > > +=========\n" "> > > > +The following class and permissions to support SCTP are\n" "> > > > available\n" "> > > > within the\n" @@ -63,8 +63,7 @@ "No this was off list, however I've copied the relevant bits:\n" "\n" "> SCTP Socket Option Permissions\n" - "> ===============================\n" - "> Permissions that are validated on setsockopt(2) calls (note that the\n" + "> ===============> Permissions that are validated on setsockopt(2) calls (note that the\n" "> sctp_socket SETOPT permission must be allowed):\n" ">\n" "> This option requires the BINDX_ADDR permission:\n" @@ -86,7 +85,7 @@ ">\n" ">\n" "> SCTP Bind, Connect and ASCONF Chunk Parameter Permission Checks\n" - "> ==============================================================\n" + "> ===============================\n" "> The hook security_sctp_addr_list() is called by SCTP when processing\n" "> various options (@optname) to check permissions required for the list\n" "> of ipv4/ipv6 addresses (@address) as follows:\n" @@ -148,8 +147,7 @@ "\n" "> \n" "> > > > +SCTP Peer Labeling\n" - "> > > > +===================\n" - "> > > > +An SCTP socket will only have one peer label assigned to it.\n" + "> > > > +=========> > > > +An SCTP socket will only have one peer label assigned to it.\n" "> > > > This\n" "> > > > will be\n" "> > > > +assigned during the establishment of the first association.\n" @@ -284,11 +282,11 @@ "> > > > + if (err)\n" "> > > > + return err;\n" "> > > > +\n" - "> > > > + if (peer_sid == SECSID_NULL)\n" + "> > > > + if (peer_sid = SECSID_NULL)\n" "> > > > + peer_sid = SECINITSID_UNLABELED;\n" "> > > > + }\n" "> > > > +\n" - "> > > > + if (sksec->sctp_assoc_state == SCTP_ASSOC_UNSET) {\n" + "> > > > + if (sksec->sctp_assoc_state = SCTP_ASSOC_UNSET) {\n" "> > > > + sksec->sctp_assoc_state = SCTP_ASSOC_SET;\n" "> > > > +\n" "> > > > + /* Here as first association on socket. As the\n" @@ -324,10 +322,6 @@ "> \n" "> Yes, I think my comment was the result of faulty SCTP understanding\n" "> on my part.\n" - "> \n" - "--\n" - "To unsubscribe from this list: send the line \"unsubscribe linux-security-module\" in\n" - "the body of a message to majordomo at vger.kernel.org\n" - More majordomo info at http://vger.kernel.org/majordomo-info.html + > -a084eca9dae3cf7482fff817fa496c2a8ed8c7e6bdff8bfe8f84772e32e12a82 +375d4ca2f20b36ca93b1aa42c1e029331bad73edf338ae58695e294122bb48e3
diff --git a/a/1.txt b/N2/1.txt index 945be79..22ee258 100644 --- a/a/1.txt +++ b/N2/1.txt @@ -314,8 +314,4 @@ Would you prefer me to delete this section ? > > Yes, I think my comment was the result of faulty SCTP understanding > on my part. -> --- -To unsubscribe from this list: send the line "unsubscribe linux-security-module" in -the body of a message to majordomo at vger.kernel.org -More majordomo info at http://vger.kernel.org/majordomo-info.html +> diff --git a/a/content_digest b/N2/content_digest index df0f4ab..5ffa544 100644 --- a/a/content_digest +++ b/N2/content_digest @@ -2,10 +2,19 @@ "ref\0CAHC9VhShAjQiw-P5vvuULbEZJ7KYHch5ZsnRk=d9vP5kyDvYzQ@mail.gmail.com\0" "ref\01510610721.3652.8.camel@btinternet.com\0" "ref\0CAHC9VhRg9xS=ustdcORVPsb9H18nMEq6A99Y3KyOm2sm6Mo5xg@mail.gmail.com\0" - "From\0richard_c_haines@btinternet.com (Richard Haines)\0" - "Subject\0[RFC PATCH 5/5] selinux: Add SCTP support\0" + "From\0Richard Haines <richard_c_haines@btinternet.com>\0" + "Subject\0Re: [RFC PATCH 5/5] selinux: Add SCTP support\0" "Date\0Tue, 14 Nov 2017 21:52:57 +0000\0" - "To\0linux-security-module@vger.kernel.org\0" + "To\0Paul Moore <paul@paul-moore.com>\0" + "Cc\0selinux@tycho.nsa.gov" + netdev@vger.kernel.org + linux-sctp@vger.kernel.org + linux-security-module@vger.kernel.org + Vlad Yasevich <vyasevich@gmail.com> + nhorman@tuxdriver.com + Stephen Smalley <sds@tycho.nsa.gov> + Eric Paris <eparis@parisplace.org> + " marcelo.leitner@gmail.com\0" "\00:1\0" "b\0" "On Mon, 2017-11-13 at 17:40 -0500, Paul Moore wrote:\n" @@ -324,10 +333,6 @@ "> \n" "> Yes, I think my comment was the result of faulty SCTP understanding\n" "> on my part.\n" - "> \n" - "--\n" - "To unsubscribe from this list: send the line \"unsubscribe linux-security-module\" in\n" - "the body of a message to majordomo at vger.kernel.org\n" - More majordomo info at http://vger.kernel.org/majordomo-info.html + > -a084eca9dae3cf7482fff817fa496c2a8ed8c7e6bdff8bfe8f84772e32e12a82 +fd06230043c4fd27b4e969c767f774cea17f7f146ff5361971c303de1c17b619
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.