-
- Downloads
Update netlink socket classes.
Define new netlink socket security classes introduced by upstream kernel commit
6c6d2e9bde1c1c87a7ead806f8f5e2181d41a652 ("selinux: update netlink socket
classes"). This was merged in Linux 4.2 and is therefore only required
for Android kernels based on 4.2 or newer (e.g. the android-4.4 branch
of the kernel/common tree).
Add the new socket classes to socket_class_set.
Add an initial set of allow rules although further refinement
will likely be necessary. Any allow rule previously written
on :netlink_socket may need to be rewritten or duplicated for
one or more of the more specific classes. For now, we retain
the existing :netlink_socket rules for compatibility on older kernels.
Signed-off-by: 
Stephen Smalley <sds@tycho.nsa.gov>
(cherry picked from commit 01d95c23)
Change-Id: Ic00a0d474730cda91ba3bc387e0cc14482f82114
Showing
- access_vectors 24 additions, 0 deletionsaccess_vectors
- global_macros 1 addition, 1 deletionglobal_macros
- hostapd.te 1 addition, 0 deletionshostapd.te
- netd.te 2 additions, 0 deletionsnetd.te
- rild.te 1 addition, 0 deletionsrild.te
- security_classes 10 additions, 0 deletionssecurity_classes
- system_server.te 1 addition, 0 deletionssystem_server.te
- tee.te 1 addition, 0 deletionstee.te
- wpa.te 1 addition, 0 deletionswpa.te
Loading
Please register or sign in to comment