diff options
| author | Eric Paris <[email protected]> | 2010-11-16 11:52:49 +0000 |
|---|---|---|
| committer | David S. Miller <[email protected]> | 2010-11-17 18:54:35 +0000 |
| commit | ee58681195bf243bafc44ca53f3c24429d096cce (patch) | |
| tree | 938c3f2f2b6db4d43429c28f2ca67650e12829f1 /security/selinux/hooks.c | |
| parent | netfilter: allow hooks to pass error code back up the stack (diff) | |
| download | kernel-ee58681195bf243bafc44ca53f3c24429d096cce.tar.gz kernel-ee58681195bf243bafc44ca53f3c24429d096cce.zip | |
network: tcp_connect should return certain errors up the stack
The current tcp_connect code completely ignores errors from sending an skb.
This makes sense in many situations (like -ENOBUFFS) but I want to be able to
immediately fail connections if they are denied by the SELinux netfilter hook.
Netfilter does not normally return ECONNREFUSED when it drops a packet so we
respect that error code as a final and fatal error that can not be recovered.
Based-on-patch-by: Patrick McHardy <[email protected]>
Signed-off-by: Eric Paris <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Diffstat (limited to 'security/selinux/hooks.c')
0 files changed, 0 insertions, 0 deletions