diff options
author | Lorenzo Colitti <lorenzo@google.com> | 2016-02-04 01:17:12 +0900 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2016-02-09 04:55:05 -0500 |
commit | 08ff924e7fa7b826396f5ef1cb15656db7fb6545 (patch) | |
tree | b5fbd11cbaa376662e9c272757e884b3ffb0d272 | |
parent | 7a84bd46647ff181eb2659fdc99590e6f16e501d (diff) | |
download | op-kernel-dev-08ff924e7fa7b826396f5ef1cb15656db7fb6545.zip op-kernel-dev-08ff924e7fa7b826396f5ef1cb15656db7fb6545.tar.gz |
selinux: nlmsgtab: add SOCK_DESTROY to the netlink mapping tables
Without this, using SOCK_DESTROY in enforcing mode results in:
SELinux: unrecognized netlink message type=21 for sclass=32
Signed-off-by: Lorenzo Colitti <lorenzo@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r-- | security/selinux/nlmsgtab.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/security/selinux/nlmsgtab.c b/security/selinux/nlmsgtab.c index 2bbb418..8495b93 100644 --- a/security/selinux/nlmsgtab.c +++ b/security/selinux/nlmsgtab.c @@ -83,6 +83,7 @@ static struct nlmsg_perm nlmsg_tcpdiag_perms[] = { TCPDIAG_GETSOCK, NETLINK_TCPDIAG_SOCKET__NLMSG_READ }, { DCCPDIAG_GETSOCK, NETLINK_TCPDIAG_SOCKET__NLMSG_READ }, { SOCK_DIAG_BY_FAMILY, NETLINK_TCPDIAG_SOCKET__NLMSG_READ }, + { SOCK_DESTROY, NETLINK_TCPDIAG_SOCKET__NLMSG_WRITE }, }; static struct nlmsg_perm nlmsg_xfrm_perms[] = |