aboutsummaryrefslogtreecommitdiffstats
path: root/security/selinux/nlmsgtab.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/selinux/nlmsgtab.c')
-rw-r--r--security/selinux/nlmsgtab.c9
1 files changed, 7 insertions, 2 deletions
diff --git a/security/selinux/nlmsgtab.c b/security/selinux/nlmsgtab.c
index 85e399259832..b8f4d25cf335 100644
--- a/security/selinux/nlmsgtab.c
+++ b/security/selinux/nlmsgtab.c
@@ -106,6 +106,9 @@ static struct nlmsg_perm nlmsg_audit_perms[] =
106 { AUDIT_LIST, NETLINK_AUDIT_SOCKET__NLMSG_READPRIV }, 106 { AUDIT_LIST, NETLINK_AUDIT_SOCKET__NLMSG_READPRIV },
107 { AUDIT_ADD, NETLINK_AUDIT_SOCKET__NLMSG_WRITE }, 107 { AUDIT_ADD, NETLINK_AUDIT_SOCKET__NLMSG_WRITE },
108 { AUDIT_DEL, NETLINK_AUDIT_SOCKET__NLMSG_WRITE }, 108 { AUDIT_DEL, NETLINK_AUDIT_SOCKET__NLMSG_WRITE },
109 { AUDIT_LIST_RULES, NETLINK_AUDIT_SOCKET__NLMSG_READPRIV },
110 { AUDIT_ADD_RULE, NETLINK_AUDIT_SOCKET__NLMSG_WRITE },
111 { AUDIT_DEL_RULE, NETLINK_AUDIT_SOCKET__NLMSG_WRITE },
109 { AUDIT_USER, NETLINK_AUDIT_SOCKET__NLMSG_RELAY }, 112 { AUDIT_USER, NETLINK_AUDIT_SOCKET__NLMSG_RELAY },
110 { AUDIT_SIGNAL_INFO, NETLINK_AUDIT_SOCKET__NLMSG_READ }, 113 { AUDIT_SIGNAL_INFO, NETLINK_AUDIT_SOCKET__NLMSG_READ },
111}; 114};
@@ -152,8 +155,10 @@ int selinux_nlmsg_lookup(u16 sclass, u16 nlmsg_type, u32 *perm)
152 break; 155 break;
153 156
154 case SECCLASS_NETLINK_AUDIT_SOCKET: 157 case SECCLASS_NETLINK_AUDIT_SOCKET:
155 if (nlmsg_type >= AUDIT_FIRST_USER_MSG && 158 if ((nlmsg_type >= AUDIT_FIRST_USER_MSG &&
156 nlmsg_type <= AUDIT_LAST_USER_MSG) { 159 nlmsg_type <= AUDIT_LAST_USER_MSG) ||
160 (nlmsg_type >= AUDIT_FIRST_USER_MSG2 &&
161 nlmsg_type <= AUDIT_LAST_USER_MSG2)) {
157 *perm = NETLINK_AUDIT_SOCKET__NLMSG_RELAY; 162 *perm = NETLINK_AUDIT_SOCKET__NLMSG_RELAY;
158 } else { 163 } else {
159 err = nlmsg_perm(nlmsg_type, perm, nlmsg_audit_perms, 164 err = nlmsg_perm(nlmsg_type, perm, nlmsg_audit_perms,
generated by cgit v1.2.2 (git 2.25.0) at 2025-11-04 08:01:06 -0500