aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--security/selinux/include/av_perm_to_string.h2
-rw-r--r--security/selinux/include/av_permissions.h2
-rw-r--r--security/selinux/nlmsgtab.c13
3 files changed, 10 insertions, 7 deletions
diff --git a/security/selinux/include/av_perm_to_string.h b/security/selinux/include/av_perm_to_string.h
index eb340b45bc6f..8928bb4d3c53 100644
--- a/security/selinux/include/av_perm_to_string.h
+++ b/security/selinux/include/av_perm_to_string.h
@@ -220,6 +220,8 @@
220 S_(SECCLASS_NETLINK_XFRM_SOCKET, NETLINK_XFRM_SOCKET__NLMSG_WRITE, "nlmsg_write") 220 S_(SECCLASS_NETLINK_XFRM_SOCKET, NETLINK_XFRM_SOCKET__NLMSG_WRITE, "nlmsg_write")
221 S_(SECCLASS_NETLINK_AUDIT_SOCKET, NETLINK_AUDIT_SOCKET__NLMSG_READ, "nlmsg_read") 221 S_(SECCLASS_NETLINK_AUDIT_SOCKET, NETLINK_AUDIT_SOCKET__NLMSG_READ, "nlmsg_read")
222 S_(SECCLASS_NETLINK_AUDIT_SOCKET, NETLINK_AUDIT_SOCKET__NLMSG_WRITE, "nlmsg_write") 222 S_(SECCLASS_NETLINK_AUDIT_SOCKET, NETLINK_AUDIT_SOCKET__NLMSG_WRITE, "nlmsg_write")
223 S_(SECCLASS_NETLINK_AUDIT_SOCKET, NETLINK_AUDIT_SOCKET__NLMSG_RELAY, "nlmsg_relay")
224 S_(SECCLASS_NETLINK_AUDIT_SOCKET, NETLINK_AUDIT_SOCKET__NLMSG_READPRIV, "nlmsg_readpriv")
223 S_(SECCLASS_NETLINK_IP6FW_SOCKET, NETLINK_IP6FW_SOCKET__NLMSG_READ, "nlmsg_read") 225 S_(SECCLASS_NETLINK_IP6FW_SOCKET, NETLINK_IP6FW_SOCKET__NLMSG_READ, "nlmsg_read")
224 S_(SECCLASS_NETLINK_IP6FW_SOCKET, NETLINK_IP6FW_SOCKET__NLMSG_WRITE, "nlmsg_write") 226 S_(SECCLASS_NETLINK_IP6FW_SOCKET, NETLINK_IP6FW_SOCKET__NLMSG_WRITE, "nlmsg_write")
225 S_(SECCLASS_DBUS, DBUS__ACQUIRE_SVC, "acquire_svc") 227 S_(SECCLASS_DBUS, DBUS__ACQUIRE_SVC, "acquire_svc")
diff --git a/security/selinux/include/av_permissions.h b/security/selinux/include/av_permissions.h
index f9de0f966559..bdfce4ca8f8e 100644
--- a/security/selinux/include/av_permissions.h
+++ b/security/selinux/include/av_permissions.h
@@ -840,6 +840,8 @@
840 840
841#define NETLINK_AUDIT_SOCKET__NLMSG_READ 0x00400000UL 841#define NETLINK_AUDIT_SOCKET__NLMSG_READ 0x00400000UL
842#define NETLINK_AUDIT_SOCKET__NLMSG_WRITE 0x00800000UL 842#define NETLINK_AUDIT_SOCKET__NLMSG_WRITE 0x00800000UL
843#define NETLINK_AUDIT_SOCKET__NLMSG_RELAY 0x01000000UL
844#define NETLINK_AUDIT_SOCKET__NLMSG_READPRIV 0x02000000UL
843 845
844#define NETLINK_IP6FW_SOCKET__IOCTL 0x00000001UL 846#define NETLINK_IP6FW_SOCKET__IOCTL 0x00000001UL
845#define NETLINK_IP6FW_SOCKET__READ 0x00000002UL 847#define NETLINK_IP6FW_SOCKET__READ 0x00000002UL
diff --git a/security/selinux/nlmsgtab.c b/security/selinux/nlmsgtab.c
index f79408252730..b3adb481bc25 100644
--- a/security/selinux/nlmsgtab.c
+++ b/security/selinux/nlmsgtab.c
@@ -91,13 +91,12 @@ static struct nlmsg_perm nlmsg_xfrm_perms[] =
91 91
92static struct nlmsg_perm nlmsg_audit_perms[] = 92static struct nlmsg_perm nlmsg_audit_perms[] =
93{ 93{
94 { AUDIT_GET, NETLINK_AUDIT_SOCKET__NLMSG_READ }, 94 { AUDIT_GET, NETLINK_AUDIT_SOCKET__NLMSG_READ },
95 { AUDIT_SET, NETLINK_AUDIT_SOCKET__NLMSG_WRITE }, 95 { AUDIT_SET, NETLINK_AUDIT_SOCKET__NLMSG_WRITE },
96 { AUDIT_LIST, NETLINK_AUDIT_SOCKET__NLMSG_READ }, 96 { AUDIT_LIST, NETLINK_AUDIT_SOCKET__NLMSG_READPRIV },
97 { AUDIT_ADD, NETLINK_AUDIT_SOCKET__NLMSG_WRITE }, 97 { AUDIT_ADD, NETLINK_AUDIT_SOCKET__NLMSG_WRITE },
98 { AUDIT_DEL, NETLINK_AUDIT_SOCKET__NLMSG_WRITE }, 98 { AUDIT_DEL, NETLINK_AUDIT_SOCKET__NLMSG_WRITE },
99 { AUDIT_USER, NETLINK_AUDIT_SOCKET__NLMSG_WRITE }, 99 { AUDIT_USER, NETLINK_AUDIT_SOCKET__NLMSG_RELAY },
100 { AUDIT_LOGIN, NETLINK_AUDIT_SOCKET__NLMSG_WRITE },
101}; 100};
102 101
103 102
generated by cgit v1.2.2 (git 2.25.0) at 2024-11-14 13:41:49 -0500