selinux: nlmsgtab: add SOCK_DESTROY to the netlink mapping tables

Without this, using SOCK_DESTROY in enforcing mode results in: SELinux: unrecognized netlink message type=21 for sclass=32 Signed-off-by: Lorenzo Colitti <[email protected]> Signed-off-by: David S. Miller <[email protected]>
author: Lorenzo Colitti <[email protected]> 2016-02-03 16:17:12 +0000
committer: David S. Miller <[email protected]> 2016-02-09 09:55:05 +0000
commit: 08ff924e7fa7b826396f5ef1cb15656db7fb6545 (patch)
tree: b5fbd11cbaa376662e9c272757e884b3ffb0d272 /security
parent: sctp: translate network order to host order when users get a hmacid (diff)
download: kernel-08ff924e7fa7b826396f5ef1cb15656db7fb6545.tar.gz
kernel-08ff924e7fa7b826396f5ef1cb15656db7fb6545.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/security/selinux/nlmsgtab.c b/security/selinux/nlmsgtab.c
index 2bbb41822d8e..8495b9368190 100644
--- a/security/selinux/nlmsgtab.c
+++ b/security/selinux/nlmsgtab.c
@@ -83,6 +83,7 @@ static struct nlmsg_perm nlmsg_tcpdiag_perms[] =
 	{ TCPDIAG_GETSOCK,	NETLINK_TCPDIAG_SOCKET__NLMSG_READ },
 	{ DCCPDIAG_GETSOCK,	NETLINK_TCPDIAG_SOCKET__NLMSG_READ },
 	{ SOCK_DIAG_BY_FAMILY,	NETLINK_TCPDIAG_SOCKET__NLMSG_READ },
+	{ SOCK_DESTROY,		NETLINK_TCPDIAG_SOCKET__NLMSG_WRITE },
 };
 
 static struct nlmsg_perm nlmsg_xfrm_perms[] =
author	Lorenzo Colitti <[email protected]>	2016-02-03 16:17:12 +0000
committer	David S. Miller <[email protected]>	2016-02-09 09:55:05 +0000
commit	08ff924e7fa7b826396f5ef1cb15656db7fb6545 (patch)
tree	b5fbd11cbaa376662e9c272757e884b3ffb0d272 /security
parent	sctp: translate network order to host order when users get a hmacid (diff)
download	kernel-08ff924e7fa7b826396f5ef1cb15656db7fb6545.tar.gz kernel-08ff924e7fa7b826396f5ef1cb15656db7fb6545.zip