diff options
| author | ThiƩbaud Weksteen <[email protected]> | 2024-12-05 01:21:00 +0000 |
|---|---|---|
| committer | Paul Moore <[email protected]> | 2024-12-16 00:33:07 +0000 |
| commit | 2ef6fc99e0d922a54073e7b6d6465c62f4d3b62b (patch) | |
| tree | 00c624dab350d9cf22772ea712341bc448cf3a3c /security/selinux/hooks.c | |
| parent | selinux: add support for xperms in conditional policies (diff) | |
| download | kernel-2ef6fc99e0d922a54073e7b6d6465c62f4d3b62b.tar.gz kernel-2ef6fc99e0d922a54073e7b6d6465c62f4d3b62b.zip | |
selinux: add netlink nlmsg_type audit message
Add a new audit message type to capture nlmsg-related information. This
is similar to LSM_AUDIT_DATA_IOCTL_OP which was added for the other
SELinux extended permission (ioctl).
Adding a new type is preferred to adding to the existing
lsm_network_audit structure which contains irrelevant information for
the netlink sockets (i.e., dport, sport).
Signed-off-by: ThiƩbaud Weksteen <[email protected]>
[PM: change "nlnk-msgtype" to "nl-msgtype" as discussed]
Signed-off-by: Paul Moore <[email protected]>
Diffstat (limited to 'security/selinux/hooks.c')
| -rw-r--r-- | security/selinux/hooks.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 5e5f3398f39d..617f54abb640 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -5939,14 +5939,14 @@ static int nlmsg_sock_has_extended_perms(struct sock *sk, u32 perms, u16 nlmsg_t { struct sk_security_struct *sksec = sk->sk_security; struct common_audit_data ad; - struct lsm_network_audit net; u8 driver; u8 xperm; if (sock_skip_has_perm(sksec->sid)) return 0; - ad_net_init_from_sk(&ad, &net, sk); + ad.type = LSM_AUDIT_DATA_NLMSGTYPE; + ad.u.nlmsg_type = nlmsg_type; driver = nlmsg_type >> 8; xperm = nlmsg_type & 0xff; |