1 files changed, 7 insertions, 10 deletions

diff --git a/security/selinux/nlmsgtab.c b/security/selinux/nlmsgtab.c
index 67e77acc4795..f0fb6d76f7c5 100644
--- a/security/selinux/nlmsgtab.c
+++ b/security/selinux/nlmsgtab.c
@@ -98,14 +98,6 @@ static struct nlmsg_perm nlmsg_audit_perms[] =
         { AUDIT_DEL,            NETLINK_AUDIT_SOCKET__NLMSG_WRITE    },
         { AUDIT_USER,           NETLINK_AUDIT_SOCKET__NLMSG_RELAY    },
         { AUDIT_SIGNAL_INFO,    NETLINK_AUDIT_SOCKET__NLMSG_READ     },
-        { AUDIT_USER_AUTH,      NETLINK_AUDIT_SOCKET__NLMSG_RELAY    },
-        { AUDIT_USER_ACCT,      NETLINK_AUDIT_SOCKET__NLMSG_RELAY    },
-        { AUDIT_USER_MGMT,      NETLINK_AUDIT_SOCKET__NLMSG_RELAY    },
-        { AUDIT_CRED_ACQ,       NETLINK_AUDIT_SOCKET__NLMSG_RELAY    },
-        { AUDIT_CRED_DISP,      NETLINK_AUDIT_SOCKET__NLMSG_RELAY    },
-        { AUDIT_USER_START,     NETLINK_AUDIT_SOCKET__NLMSG_RELAY    },
-        { AUDIT_USER_END,       NETLINK_AUDIT_SOCKET__NLMSG_RELAY    },
-        { AUDIT_USER_AVC,       NETLINK_AUDIT_SOCKET__NLMSG_RELAY    },
 };
 
 
@@ -150,8 +142,13 @@ int selinux_nlmsg_lookup(u16 sclass, u16 nlmsg_type, u32 *perm)
                 break;
 
         case SECCLASS_NETLINK_AUDIT_SOCKET:
-                err = nlmsg_perm(nlmsg_type, perm, nlmsg_audit_perms,
-                                 sizeof(nlmsg_audit_perms));
+                if (nlmsg_type >= AUDIT_FIRST_USER_MSG &&
+                    nlmsg_type <= AUDIT_LAST_USER_MSG) {
+                        *perm = NETLINK_AUDIT_SOCKET__NLMSG_RELAY;
+                } else {
+                        err = nlmsg_perm(nlmsg_type, perm, nlmsg_audit_perms,
+                                         sizeof(nlmsg_audit_perms));
+                }
                 break;
 
         /* No messaging from userspace, or class unknown/unhandled */