BACKPORT: selinux: nlmsgtab: add SOCK_DESTROY to the netlink mapping tables

Without this, using SOCK_DESTROY in enforcing mode results in: SELinux: unrecognized netlink message type=21 for sclass=32 Original patch has SOCK_DESTROY instead of SOCK_DESTROY_BACKPORT Change-Id: I2d0bb7a0b1ef3b201e956479a93f58c844909f8b Signed-off-by: Lorenzo Colitti <lorenzo@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Lorenzo Colitti <lorenzo@google.com> 2016-02-04 01:17:12 +0900
committer: Dmitry Shmidt <dimitrysh@google.com> 2018-01-10 16:55:45 -0800
commit: 3301b5569f273fa395d0c7b4a904763273b5f837 (patch)
tree: c865169efacfe3938ca04e14dedecd30a02578bd /security/selinux/nlmsgtab.c
parent: f8518889ffe879b6266657e83b6cf6ace8111cdc (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/security/selinux/nlmsgtab.c b/security/selinux/nlmsgtab.c
index 2bbb41822d8e..0714b4c61a8b 100644
--- a/security/selinux/nlmsgtab.c
+++ b/security/selinux/nlmsgtab.c
@@ -83,6 +83,7 @@ static struct nlmsg_perm nlmsg_tcpdiag_perms[] =
 	{ TCPDIAG_GETSOCK,	NETLINK_TCPDIAG_SOCKET__NLMSG_READ },
 	{ DCCPDIAG_GETSOCK,	NETLINK_TCPDIAG_SOCKET__NLMSG_READ },
 	{ SOCK_DIAG_BY_FAMILY,	NETLINK_TCPDIAG_SOCKET__NLMSG_READ },
+	{ SOCK_DESTROY_BACKPORT,NETLINK_TCPDIAG_SOCKET__NLMSG_WRITE },
 };
 
 static struct nlmsg_perm nlmsg_xfrm_perms[] =
author	Lorenzo Colitti <lorenzo@google.com>	2016-02-04 01:17:12 +0900
committer	Dmitry Shmidt <dimitrysh@google.com>	2018-01-10 16:55:45 -0800
commit	3301b5569f273fa395d0c7b4a904763273b5f837 (patch)
tree	c865169efacfe3938ca04e14dedecd30a02578bd /security/selinux/nlmsgtab.c
parent	f8518889ffe879b6266657e83b6cf6ace8111cdc (diff)