diff options
| author | Linus Torvalds <torvalds@g5.osdl.org> | 2006-03-25 12:24:53 -0500 |
|---|---|---|
| committer | Linus Torvalds <torvalds@g5.osdl.org> | 2006-03-25 12:24:53 -0500 |
| commit | 1b9a3917366028cc451a98dd22e3bcd537d4e5c1 (patch) | |
| tree | d911058720e0a9aeeaf9f407ccdc6fbf4047f47d /security/selinux/nlmsgtab.c | |
| parent | 3661f00e2097676847deb01add1a0918044bd816 (diff) | |
| parent | 71e1c784b24a026a490b3de01541fc5ee14ebc09 (diff) | |
Merge branch 'audit.b3' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current
* 'audit.b3' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current: (22 commits)
[PATCH] fix audit_init failure path
[PATCH] EXPORT_SYMBOL patch for audit_log, audit_log_start, audit_log_end and audit_format
[PATCH] sem2mutex: audit_netlink_sem
[PATCH] simplify audit_free() locking
[PATCH] Fix audit operators
[PATCH] promiscuous mode
[PATCH] Add tty to syscall audit records
[PATCH] add/remove rule update
[PATCH] audit string fields interface + consumer
[PATCH] SE Linux audit events
[PATCH] Minor cosmetic cleanups to the code moved into auditfilter.c
[PATCH] Fix audit record filtering with !CONFIG_AUDITSYSCALL
[PATCH] Fix IA64 success/failure indication in syscall auditing.
[PATCH] Miscellaneous bug and warning fixes
[PATCH] Capture selinux subject/object context information.
[PATCH] Exclude messages by message type
[PATCH] Collect more inode information during syscall processing.
[PATCH] Pass dentry, not just name, in fsnotify creation hooks.
[PATCH] Define new range of userspace messages.
[PATCH] Filter rule comparators
...
Fixed trivial conflict in security/selinux/hooks.c
Diffstat (limited to 'security/selinux/nlmsgtab.c')
| -rw-r--r-- | security/selinux/nlmsgtab.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/security/selinux/nlmsgtab.c b/security/selinux/nlmsgtab.c index 85e399259832..b8f4d25cf335 100644 --- a/security/selinux/nlmsgtab.c +++ b/security/selinux/nlmsgtab.c | |||
| @@ -106,6 +106,9 @@ static struct nlmsg_perm nlmsg_audit_perms[] = | |||
| 106 | { AUDIT_LIST, NETLINK_AUDIT_SOCKET__NLMSG_READPRIV }, | 106 | { AUDIT_LIST, NETLINK_AUDIT_SOCKET__NLMSG_READPRIV }, |
| 107 | { AUDIT_ADD, NETLINK_AUDIT_SOCKET__NLMSG_WRITE }, | 107 | { AUDIT_ADD, NETLINK_AUDIT_SOCKET__NLMSG_WRITE }, |
| 108 | { AUDIT_DEL, NETLINK_AUDIT_SOCKET__NLMSG_WRITE }, | 108 | { AUDIT_DEL, NETLINK_AUDIT_SOCKET__NLMSG_WRITE }, |
| 109 | { AUDIT_LIST_RULES, NETLINK_AUDIT_SOCKET__NLMSG_READPRIV }, | ||
| 110 | { AUDIT_ADD_RULE, NETLINK_AUDIT_SOCKET__NLMSG_WRITE }, | ||
| 111 | { AUDIT_DEL_RULE, NETLINK_AUDIT_SOCKET__NLMSG_WRITE }, | ||
| 109 | { AUDIT_USER, NETLINK_AUDIT_SOCKET__NLMSG_RELAY }, | 112 | { AUDIT_USER, NETLINK_AUDIT_SOCKET__NLMSG_RELAY }, |
| 110 | { AUDIT_SIGNAL_INFO, NETLINK_AUDIT_SOCKET__NLMSG_READ }, | 113 | { AUDIT_SIGNAL_INFO, NETLINK_AUDIT_SOCKET__NLMSG_READ }, |
| 111 | }; | 114 | }; |
| @@ -152,8 +155,10 @@ int selinux_nlmsg_lookup(u16 sclass, u16 nlmsg_type, u32 *perm) | |||
| 152 | break; | 155 | break; |
| 153 | 156 | ||
| 154 | case SECCLASS_NETLINK_AUDIT_SOCKET: | 157 | case SECCLASS_NETLINK_AUDIT_SOCKET: |
| 155 | if (nlmsg_type >= AUDIT_FIRST_USER_MSG && | 158 | if ((nlmsg_type >= AUDIT_FIRST_USER_MSG && |
| 156 | nlmsg_type <= AUDIT_LAST_USER_MSG) { | 159 | nlmsg_type <= AUDIT_LAST_USER_MSG) || |
| 160 | (nlmsg_type >= AUDIT_FIRST_USER_MSG2 && | ||
| 161 | nlmsg_type <= AUDIT_LAST_USER_MSG2)) { | ||
| 157 | *perm = NETLINK_AUDIT_SOCKET__NLMSG_RELAY; | 162 | *perm = NETLINK_AUDIT_SOCKET__NLMSG_RELAY; |
| 158 | } else { | 163 | } else { |
| 159 | err = nlmsg_perm(nlmsg_type, perm, nlmsg_audit_perms, | 164 | err = nlmsg_perm(nlmsg_type, perm, nlmsg_audit_perms, |