* [PATCH] security: sctp: Format type and permission checks tables
@ 2025-11-03 11:39 Bagas Sanjaya
2025-11-11 2:34 ` Bagas Sanjaya
2025-11-20 0:10 ` Paul Moore
0 siblings, 2 replies; 6+ messages in thread
From: Bagas Sanjaya @ 2025-11-03 11:39 UTC (permalink / raw)
To: Linux Kernel Mailing List, Linux Documentation,
Linux Security Module
Cc: Jonathan Corbet, Jarkko Sakkinen, Christian Brauner,
Bagas Sanjaya, Jeff Layton, Kees Cook, Mickaël Salaün,
Stuart Yoder
Use reST grid tables for both type and permission checks tables.
Signed-off-by: Bagas Sanjaya <bagasdotme@gmail.com>
---
This patch is based on lsm tree.
Documentation/security/SCTP.rst | 48 +++++++++++++++++++++------------
1 file changed, 31 insertions(+), 17 deletions(-)
diff --git a/Documentation/security/SCTP.rst b/Documentation/security/SCTP.rst
index 6d80d464ab6e7c..321bf6c8738970 100644
--- a/Documentation/security/SCTP.rst
+++ b/Documentation/security/SCTP.rst
@@ -46,24 +46,31 @@ Returns 0 on success, error on failure.
ipv4 or ipv6 address using sizeof(struct sockaddr_in) or
sizeof(struct sockaddr_in6).
- ------------------------------------------------------------------
- | BIND Type Checks |
+.. table:: BIND Type Checks
+
+ +----------------------------+-----------------------------------+
| @optname | @address contains |
- |----------------------------|-----------------------------------|
+ +============================+===================================+
| SCTP_SOCKOPT_BINDX_ADD | One or more ipv4 / ipv6 addresses |
+ +----------------------------+-----------------------------------+
| SCTP_PRIMARY_ADDR | Single ipv4 or ipv6 address |
+ +----------------------------+-----------------------------------+
| SCTP_SET_PEER_PRIMARY_ADDR | Single ipv4 or ipv6 address |
- ------------------------------------------------------------------
+ +----------------------------+-----------------------------------+
+
+.. table:: CONNECT Type Checks
- ------------------------------------------------------------------
- | CONNECT Type Checks |
+ +----------------------------+-----------------------------------+
| @optname | @address contains |
- |----------------------------|-----------------------------------|
+ +============================+===================================+
| SCTP_SOCKOPT_CONNECTX | One or more ipv4 / ipv6 addresses |
+ +----------------------------+-----------------------------------+
| SCTP_PARAM_ADD_IP | One or more ipv4 / ipv6 addresses |
+ +----------------------------+-----------------------------------+
| SCTP_SENDMSG_CONNECT | Single ipv4 or ipv6 address |
+ +----------------------------+-----------------------------------+
| SCTP_PARAM_SET_PRIMARY | Single ipv4 or ipv6 address |
- ------------------------------------------------------------------
+ +----------------------------+-----------------------------------+
A summary of the ``@optname`` entries is as follows::
@@ -228,26 +235,33 @@ The security module performs the following operations:
security_sctp_bind_connect()
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Checks permissions required for ipv4/ipv6 addresses based on the ``@optname``
-as follows::
+as follows:
- ------------------------------------------------------------------
- | BIND Permission Checks |
+.. table:: BIND Permission Checks
+
+ +----------------------------+-----------------------------------+
| @optname | @address contains |
- |----------------------------|-----------------------------------|
+ +============================+===================================+
| SCTP_SOCKOPT_BINDX_ADD | One or more ipv4 / ipv6 addresses |
+ +----------------------------+-----------------------------------+
| SCTP_PRIMARY_ADDR | Single ipv4 or ipv6 address |
+ +----------------------------+-----------------------------------+
| SCTP_SET_PEER_PRIMARY_ADDR | Single ipv4 or ipv6 address |
- ------------------------------------------------------------------
+ +----------------------------+-----------------------------------+
+
+.. table:: CONNECT Permission Checks
- ------------------------------------------------------------------
- | CONNECT Permission Checks |
+ +----------------------------+-----------------------------------+
| @optname | @address contains |
- |----------------------------|-----------------------------------|
+ +============================+===================================+
| SCTP_SOCKOPT_CONNECTX | One or more ipv4 / ipv6 addresses |
+ +----------------------------+-----------------------------------+
| SCTP_PARAM_ADD_IP | One or more ipv4 / ipv6 addresses |
+ +----------------------------+-----------------------------------+
| SCTP_SENDMSG_CONNECT | Single ipv4 or ipv6 address |
+ +----------------------------+-----------------------------------+
| SCTP_PARAM_SET_PRIMARY | Single ipv4 or ipv6 address |
- ------------------------------------------------------------------
+ +----------------------------+-----------------------------------+
`SCTP LSM Support`_ gives a summary of the ``@optname``
base-commit: dfa024bc3f67a97e1a975dd66b83af8b3845eb19
--
An old man doll... just what I always wanted! - Clara
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH] security: sctp: Format type and permission checks tables
2025-11-03 11:39 [PATCH] security: sctp: Format type and permission checks tables Bagas Sanjaya
@ 2025-11-11 2:34 ` Bagas Sanjaya
2025-11-12 0:50 ` Paul Moore
2025-11-20 0:10 ` Paul Moore
1 sibling, 1 reply; 6+ messages in thread
From: Bagas Sanjaya @ 2025-11-11 2:34 UTC (permalink / raw)
To: Linux Kernel Mailing List, Linux Documentation,
Linux Security Module
Cc: Jonathan Corbet, Jarkko Sakkinen, Christian Brauner, Jeff Layton,
Kees Cook, Mickaël Salaün, Stuart Yoder, Randy Dunlap
[-- Attachment #1: Type: text/plain, Size: 143 bytes --]
On Mon, Nov 03, 2025 at 06:39:23PM +0700, Bagas Sanjaya wrote:
> Use reST grid tables for both type and permission checks tables.
review ping
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 228 bytes --]
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] security: sctp: Format type and permission checks tables
2025-11-11 2:34 ` Bagas Sanjaya
@ 2025-11-12 0:50 ` Paul Moore
2025-11-12 12:07 ` Bagas Sanjaya
0 siblings, 1 reply; 6+ messages in thread
From: Paul Moore @ 2025-11-12 0:50 UTC (permalink / raw)
To: Bagas Sanjaya
Cc: Linux Kernel Mailing List, Linux Documentation,
Linux Security Module, Jonathan Corbet, Jarkko Sakkinen,
Christian Brauner, Jeff Layton, Kees Cook,
Mickaël Salaün, Stuart Yoder, Randy Dunlap
On Mon, Nov 10, 2025 at 9:35 PM Bagas Sanjaya <bagasdotme@gmail.com> wrote:
>
> On Mon, Nov 03, 2025 at 06:39:23PM +0700, Bagas Sanjaya wrote:
> > Use reST grid tables for both type and permission checks tables.
>
> review ping
You don't need to 'ping' for a review, your patch is in my review
queue, but code changes take priority at this point in the dev cycle
as I'm okay with merging documentation changes fairly late.
--
paul-moore.com
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] security: sctp: Format type and permission checks tables
2025-11-12 0:50 ` Paul Moore
@ 2025-11-12 12:07 ` Bagas Sanjaya
0 siblings, 0 replies; 6+ messages in thread
From: Bagas Sanjaya @ 2025-11-12 12:07 UTC (permalink / raw)
To: Paul Moore
Cc: Linux Kernel Mailing List, Linux Documentation,
Linux Security Module, Jonathan Corbet, Jarkko Sakkinen,
Christian Brauner, Jeff Layton, Kees Cook,
Mickaël Salaün, Stuart Yoder, Randy Dunlap
[-- Attachment #1: Type: text/plain, Size: 594 bytes --]
On Tue, Nov 11, 2025 at 07:50:56PM -0500, Paul Moore wrote:
> On Mon, Nov 10, 2025 at 9:35 PM Bagas Sanjaya <bagasdotme@gmail.com> wrote:
> >
> > On Mon, Nov 03, 2025 at 06:39:23PM +0700, Bagas Sanjaya wrote:
> > > Use reST grid tables for both type and permission checks tables.
> >
> > review ping
>
> You don't need to 'ping' for a review, your patch is in my review
> queue, but code changes take priority at this point in the dev cycle
> as I'm okay with merging documentation changes fairly late.
OK, thanks!
--
An old man doll... just what I always wanted! - Clara
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 228 bytes --]
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] security: sctp: Format type and permission checks tables
2025-11-03 11:39 [PATCH] security: sctp: Format type and permission checks tables Bagas Sanjaya
2025-11-11 2:34 ` Bagas Sanjaya
@ 2025-11-20 0:10 ` Paul Moore
2025-11-20 1:39 ` Bagas Sanjaya
1 sibling, 1 reply; 6+ messages in thread
From: Paul Moore @ 2025-11-20 0:10 UTC (permalink / raw)
To: Bagas Sanjaya, Linux Kernel Mailing List, Linux Documentation,
Linux Security Module
Cc: Jonathan Corbet, Jarkko Sakkinen, Christian Brauner,
Bagas Sanjaya, Jeff Layton, Kees Cook, Mickaël Salaün,
Stuart Yoder
On Nov 3, 2025 Bagas Sanjaya <bagasdotme@gmail.com> wrote:
>
> Use reST grid tables for both type and permission checks tables.
>
> Signed-off-by: Bagas Sanjaya <bagasdotme@gmail.com>
> ---
> This patch is based on lsm tree.
>
> Documentation/security/SCTP.rst | 48 +++++++++++++++++++++------------
> 1 file changed, 31 insertions(+), 17 deletions(-)
I rendered the patched file to HTML, and given that large portions of
the file are still rendered as monospaced preformatted text, the new
table rendering looks a bit out of place.
Let's stick with the existing table format until the entire document
is converted to something that is at least as constitent and
aesthetically pleasing as the current revision.
--
paul-moore.com
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] security: sctp: Format type and permission checks tables
2025-11-20 0:10 ` Paul Moore
@ 2025-11-20 1:39 ` Bagas Sanjaya
0 siblings, 0 replies; 6+ messages in thread
From: Bagas Sanjaya @ 2025-11-20 1:39 UTC (permalink / raw)
To: Paul Moore, Linux Kernel Mailing List, Linux Documentation,
Linux Security Module
Cc: Jonathan Corbet, Jarkko Sakkinen, Christian Brauner, Jeff Layton,
Kees Cook, Mickaël Salaün, Stuart Yoder
[-- Attachment #1: Type: text/plain, Size: 519 bytes --]
On Wed, Nov 19, 2025 at 07:10:31PM -0500, Paul Moore wrote:
> I rendered the patched file to HTML, and given that large portions of
> the file are still rendered as monospaced preformatted text, the new
> table rendering looks a bit out of place.
>
> Let's stick with the existing table format until the entire document
> is converted to something that is at least as constitent and
> aesthetically pleasing as the current revision.
OK, thanks!
--
An old man doll... just what I always wanted! - Clara
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 228 bytes --]
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2025-11-20 1:39 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-11-03 11:39 [PATCH] security: sctp: Format type and permission checks tables Bagas Sanjaya
2025-11-11 2:34 ` Bagas Sanjaya
2025-11-12 0:50 ` Paul Moore
2025-11-12 12:07 ` Bagas Sanjaya
2025-11-20 0:10 ` Paul Moore
2025-11-20 1:39 ` Bagas Sanjaya
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).