selinux: nlmsgtab: add SOCK_DESTROY to the netlink mapping tables

author Lorenzo Colitti <lorenzo@google.com>

Wed, 3 Feb 2016 15:52:15 +0000 (00:52 +0900)

committer Huang, Tao <huangtao@rock-chips.com>

Sun, 22 Jan 2017 08:26:09 +0000 (16:26 +0800)
author Lorenzo Colitti <lorenzo@google.com>
Wed, 3 Feb 2016 15:52:15 +0000 (00:52 +0900)
committer Huang, Tao <huangtao@rock-chips.com>
Sun, 22 Jan 2017 08:26:09 +0000 (16:26 +0800)
diff --git a/security/selinux/nlmsgtab.c b/security/selinux/nlmsgtab.c

index 2bbb41822d8ec8882f8dacbbb4c5f8a1feac59ca..7f947f7c33316269b7435c4726685d43d09a5007 100644 (file)
--- a/security/selinux/nlmsgtab.c
+++ b/security/selinux/nlmsgtab.c
@@ -80,9 +80,10 @@ static struct nlmsg_perm nlmsg_route_perms[] =
  
  static struct nlmsg_perm nlmsg_tcpdiag_perms[] =
  {
-       { TCPDIAG_GETSOCK,      NETLINK_TCPDIAG_SOCKET__NLMSG_READ },
-       { DCCPDIAG_GETSOCK,     NETLINK_TCPDIAG_SOCKET__NLMSG_READ },
-       { SOCK_DIAG_BY_FAMILY,  NETLINK_TCPDIAG_SOCKET__NLMSG_READ },
+       { TCPDIAG_GETSOCK,              NETLINK_TCPDIAG_SOCKET__NLMSG_READ },
+       { DCCPDIAG_GETSOCK,             NETLINK_TCPDIAG_SOCKET__NLMSG_READ },
+       { SOCK_DIAG_BY_FAMILY,          NETLINK_TCPDIAG_SOCKET__NLMSG_READ },
+       { SOCK_DESTROY_BACKPORT,        NETLINK_TCPDIAG_SOCKET__NLMSG_WRITE },
  };
  
  static struct nlmsg_perm nlmsg_xfrm_perms[] =
author	Lorenzo Colitti <lorenzo@google.com>
	Wed, 3 Feb 2016 15:52:15 +0000 (00:52 +0900)
committer	Huang, Tao <huangtao@rock-chips.com>
	Sun, 22 Jan 2017 08:26:09 +0000 (16:26 +0800)