aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorDavid Woodhouse <dwmw2@shinybook.infradead.org>2005-05-18 05:21:07 -0400
committerDavid Woodhouse <dwmw2@shinybook.infradead.org>2005-05-18 05:21:07 -0400
commit209aba03243ee42a22f8df8d08aa9963f62aec64 (patch)
treee45ee43e7af31f847377e8bb3a0a61581732b653 /security
parent3ec3b2fba526ead2fa3f3d7c91924f39a0733749 (diff)
AUDIT: Treat all user messages identically.
It's silly to have to add explicit entries for new userspace messages as we invent them. Just treat all messages in the user range the same. Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Diffstat (limited to 'security')
-rw-r--r--security/selinux/nlmsgtab.c17
1 files changed, 7 insertions, 10 deletions
diff --git a/security/selinux/nlmsgtab.c b/security/selinux/nlmsgtab.c
index 67e77acc4795..f0fb6d76f7c5 100644
--- a/security/selinux/nlmsgtab.c
+++ b/security/selinux/nlmsgtab.c
@@ -98,14 +98,6 @@ static struct nlmsg_perm nlmsg_audit_perms[] =
98 { AUDIT_DEL, NETLINK_AUDIT_SOCKET__NLMSG_WRITE }, 98 { AUDIT_DEL, NETLINK_AUDIT_SOCKET__NLMSG_WRITE },
99 { AUDIT_USER, NETLINK_AUDIT_SOCKET__NLMSG_RELAY }, 99 { AUDIT_USER, NETLINK_AUDIT_SOCKET__NLMSG_RELAY },
100 { AUDIT_SIGNAL_INFO, NETLINK_AUDIT_SOCKET__NLMSG_READ }, 100 { AUDIT_SIGNAL_INFO, NETLINK_AUDIT_SOCKET__NLMSG_READ },
101 { AUDIT_USER_AUTH, NETLINK_AUDIT_SOCKET__NLMSG_RELAY },
102 { AUDIT_USER_ACCT, NETLINK_AUDIT_SOCKET__NLMSG_RELAY },
103 { AUDIT_USER_MGMT, NETLINK_AUDIT_SOCKET__NLMSG_RELAY },
104 { AUDIT_CRED_ACQ, NETLINK_AUDIT_SOCKET__NLMSG_RELAY },
105 { AUDIT_CRED_DISP, NETLINK_AUDIT_SOCKET__NLMSG_RELAY },
106 { AUDIT_USER_START, NETLINK_AUDIT_SOCKET__NLMSG_RELAY },
107 { AUDIT_USER_END, NETLINK_AUDIT_SOCKET__NLMSG_RELAY },
108 { AUDIT_USER_AVC, NETLINK_AUDIT_SOCKET__NLMSG_RELAY },
109}; 101};
110 102
111 103
@@ -150,8 +142,13 @@ int selinux_nlmsg_lookup(u16 sclass, u16 nlmsg_type, u32 *perm)
150 break; 142 break;
151 143
152 case SECCLASS_NETLINK_AUDIT_SOCKET: 144 case SECCLASS_NETLINK_AUDIT_SOCKET:
153 err = nlmsg_perm(nlmsg_type, perm, nlmsg_audit_perms, 145 if (nlmsg_type >= AUDIT_FIRST_USER_MSG &&
154 sizeof(nlmsg_audit_perms)); 146 nlmsg_type <= AUDIT_LAST_USER_MSG) {
147 *perm = NETLINK_AUDIT_SOCKET__NLMSG_RELAY;
148 } else {
149 err = nlmsg_perm(nlmsg_type, perm, nlmsg_audit_perms,
150 sizeof(nlmsg_audit_perms));
151 }
155 break; 152 break;
156 153
157 /* No messaging from userspace, or class unknown/unhandled */ 154 /* No messaging from userspace, or class unknown/unhandled */