Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 3301b556 authored by Lorenzo Colitti's avatar Lorenzo Colitti Committed by Dmitry Shmidt
Browse files

BACKPORT: selinux: nlmsgtab: add SOCK_DESTROY to the netlink mapping tables 



Without this, using SOCK_DESTROY in enforcing mode results in:

  SELinux: unrecognized netlink message type=21 for sclass=32

Original patch has SOCK_DESTROY instead of SOCK_DESTROY_BACKPORT

Change-Id: I2d0bb7a0b1ef3b201e956479a93f58c844909f8b
Signed-off-by: default avatarLorenzo Colitti <lorenzo@google.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent f8518889

security/selinux/nlmsgtab.c

+1 −0
Original line number Diff line number Diff line
@@ -83,6 +83,7 @@ static struct nlmsg_perm nlmsg_tcpdiag_perms[] = 
	{ TCPDIAG_GETSOCK,	NETLINK_TCPDIAG_SOCKET__NLMSG_READ },

	{ DCCPDIAG_GETSOCK,	NETLINK_TCPDIAG_SOCKET__NLMSG_READ },

	{ SOCK_DIAG_BY_FAMILY,	NETLINK_TCPDIAG_SOCKET__NLMSG_READ },

	{ SOCK_DESTROY_BACKPORT,NETLINK_TCPDIAG_SOCKET__NLMSG_WRITE },

};



static struct nlmsg_perm nlmsg_xfrm_perms[] =