1 /* SPDX-License-Identifier: GPL-2.0-only */ 2 3 /** 4 * DOC: erratum_1 5 * 6 * Erratum 1: TCP socket identification 7 * ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 8 * 9 * This fix addresses an issue where IPv4 and IPv6 stream sockets (e.g., SMC, 10 * MPTCP, or SCTP) were incorrectly restricted by TCP access rights during 11 * :manpage:`bind(2)` and :manpage:`connect(2)` operations. This change ensures 12 * that only TCP sockets are subject to TCP access rights, allowing other 13 * protocols to operate without unnecessary restrictions. 14 * 15 * Impact: 16 * 17 * In kernels without this fix, using ``LANDLOCK_ACCESS_NET_BIND_TCP`` or 18 * ``LANDLOCK_ACCESS_NET_CONNECT_TCP`` would incorrectly restrict non-TCP 19 * stream protocols (SMC, MPTCP, SCTP), potentially breaking applications 20 * that rely on these protocols while using Landlock network restrictions. 21 */ 22 LANDLOCK_ERRATUM(1) 23