> Is it ever possible for the isec->sid and the sksec->sid to be
> inconsistent with one another?
I can't think of any possibility of this happening.
> Could you just always return the
> sksec->sid here and avoid the need to grab the isec
> altogether (dropping
> the requirement for sk_callback
On Wed, 2006-07-12 at 16:12 -0500, Venkat Yekkirala wrote:
> This adds security for IP sockets at the sock level. Security at the
> sock level is needed to enforce the SELinux security policy for security
> associations even when a sock is orphaned (such as in the TCP LAST_ACK state).
>
> Signed-o
