Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit f5ada1fa authored by Alex Yakavenka's avatar Alex Yakavenka Committed by Gerrit - the friendly Code Review server
Browse files

security: Extend SELinux to support CAN sockets



CAN socket SELinux support is required to be able
to distinguish between generic socket and can_socket

Change-Id: I9ec2099fc4c08ab6406e33ff9ad821ef18261763
Signed-off-by: default avatarAlex Yakavenka <ayakav@codeaurora.org>
parent 9551e129
Loading
Loading
Loading
Loading
+2 −0
Original line number Diff line number Diff line
@@ -1246,6 +1246,8 @@ static inline u16 socket_type_to_security_class(int family, int type, int protoc
		return SECCLASS_KEY_SOCKET;
	case PF_APPLETALK:
		return SECCLASS_APPLETALK_SOCKET;
	case PF_CAN:
		return SECCLASS_CAN_SOCKET;
	}

	return SECCLASS_SOCKET;
+2 −0
Original line number Diff line number Diff line
@@ -157,5 +157,7 @@ struct security_class_mapping secclass_map[] = {
	  { COMMON_SOCK_PERMS, "attach_queue", NULL } },
	{ "binder", { "impersonate", "call", "set_context_mgr", "transfer",
		      NULL } },
	{ "can_socket",
	  { COMMON_SOCK_PERMS, NULL } },
	{ NULL }
  };