diff options
author | Lorenzo Colitti <lorenzo@google.com> | 2016-02-04 00:52:15 +0900 |
---|---|---|
committer | Lorenzo Colitti <lorenzo@google.com> | 2016-02-04 11:39:22 +0900 |
commit | 47be4c1862a864662721a98b6fbc415c6bda29df (patch) | |
tree | 81965cc82661a58025213a7b2991a3d421fd1f79 /security | |
parent | 69649c8a83f8b5e61d631e8962f9169bbece6766 (diff) |
selinux: nlmsgtab: add SOCK_DESTROY to the netlink mapping tables
Without this, using SOCK_DESTROY in enforcing mode results in:
SELinux: unrecognized netlink message type=21 for sclass=32
Change-Id: I7862bb0fc83573567243ffa9549a2c7405b5986c
Diffstat (limited to 'security')
-rw-r--r-- | security/selinux/nlmsgtab.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/security/selinux/nlmsgtab.c b/security/selinux/nlmsgtab.c index 902b5e9cec7e..053210a559ad 100644 --- a/security/selinux/nlmsgtab.c +++ b/security/selinux/nlmsgtab.c @@ -77,9 +77,10 @@ static struct nlmsg_perm nlmsg_route_perms[] = static struct nlmsg_perm nlmsg_tcpdiag_perms[] = { - { TCPDIAG_GETSOCK, NETLINK_TCPDIAG_SOCKET__NLMSG_READ }, - { DCCPDIAG_GETSOCK, NETLINK_TCPDIAG_SOCKET__NLMSG_READ }, - { SOCK_DIAG_BY_FAMILY, NETLINK_TCPDIAG_SOCKET__NLMSG_READ }, + { TCPDIAG_GETSOCK, NETLINK_TCPDIAG_SOCKET__NLMSG_READ }, + { DCCPDIAG_GETSOCK, NETLINK_TCPDIAG_SOCKET__NLMSG_READ }, + { SOCK_DIAG_BY_FAMILY, NETLINK_TCPDIAG_SOCKET__NLMSG_READ }, + { SOCK_DESTROY_BACKPORT, NETLINK_TCPDIAG_SOCKET__NLMSG_WRITE }, }; static struct nlmsg_perm nlmsg_xfrm_perms[] = |