Something went wrong on our end
-
Stephen Smalley authoredDefine new netlink socket security classes introduced by upstream kernel commit 6c6d2e9bde1c1c87a7ead806f8f5e2181d41a652 ("selinux: update netlink socket classes"). This was merged in Linux 4.2 and is therefore only required for Android kernels based on 4.2 or newer (e.g. the android-4.4 branch of the kernel/common tree). Add the new socket classes to socket_class_set. Add an initial set of allow rules although further refinement will likely be necessary. Any allow rule previously written on :netlink_socket may need to be rewritten or duplicated for one or more of the more specific classes. For now, we retain the existing :netlink_socket rules for compatibility on older kernels. Signed-off-by:
Stephen Smalley <sds@tycho.nsa.gov>
(cherry picked from commit 01d95c23)
Change-Id: Ic00a0d474730cda91ba3bc387e0cc14482f82114Stephen Smalley authoredDefine new netlink socket security classes introduced by upstream kernel commit 6c6d2e9bde1c1c87a7ead806f8f5e2181d41a652 ("selinux: update netlink socket classes"). This was merged in Linux 4.2 and is therefore only required for Android kernels based on 4.2 or newer (e.g. the android-4.4 branch of the kernel/common tree). Add the new socket classes to socket_class_set. Add an initial set of allow rules although further refinement will likely be necessary. Any allow rule previously written on :netlink_socket may need to be rewritten or duplicated for one or more of the more specific classes. For now, we retain the existing :netlink_socket rules for compatibility on older kernels. Signed-off-by:Stephen Smalley <sds@tycho.nsa.gov>
(cherry picked from commit 01d95c23)
Change-Id: Ic00a0d474730cda91ba3bc387e0cc14482f82114