Re: [RFC PATCH 08/17] ipv6: Add ipv6_renew_options_kern() that accepts a kernel mem pointer.

On 22.12.2015 12:46, Huw Davies wrote: > The functionality is equivalent to ipv6_renew_options() except > that the newopt pointer is in kernel, not user, memory > > The kernel memory implementation will be used by the CALIPSO network > labelling engine, which needs to be able to set IPv6

Re: [RFC PATCH 16/17] calipso: Add validation of CALIPSO option.

On 22.12.2015 12:46, Huw Davies wrote: > > +/* CALIPSO RFC 5570 */ > + > +static bool ipv6_hop_calipso(struct sk_buff *skb, int optoff) > +{ > + const unsigned char *nh = skb_network_header(skb); > + > + if (nh[optoff + 1] < 8) > + goto drop; > + > + if (nh[optoff + 6] *

Re: [RFC PATCH 13/17] calipso: Allow request sockets to be relabelled by the lsm.

On 22.12.2015 12:46, Huw Davies wrote: > tot_len += sizeof(*opt2); > - opt2 = sock_kmalloc(sk, tot_len, GFP_ATOMIC); > + if (sk) > + opt2 = sock_kmalloc(sk, tot_len, GFP_ATOMIC); > + else > + opt2 = kmalloc(tot_len, GFP_ATOMIC); > if (!opt2) >