SELinux: define permissions for DCB netlink messages
commit
350e4f31e0eaf56dfc3b328d24a11bdf42a41fb8 upstream.
Commit
2f90b865 added two new netlink message types to the netlink route
socket. SELinux has hooks to define if netlink messages are allowed to
be sent or received, but it did not know about these two new message
types. By default we allow such actions so noone likely noticed. This
patch adds the proper definitions and thus proper permissions
enforcement.
Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: Andi Kleen <ak@linux.intel.com>
Cc: James Morris <jmorris@namei.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
projects / linux-imx.git / commit