From: Lorenzo Colitti <lorenzo@google.com>
Date: Wed, 3 Feb 2016 16:17:12 +0000 (+0900)
Subject: selinux: nlmsgtab: add SOCK_DESTROY to the netlink mapping tables
X-Git-Tag: v4.5-rc4~30^2~4
X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=08ff924e7fa7b826396f5ef1cb15656db7fb6545;p=users%2Fjedix%2Flinux-maple.git

selinux: nlmsgtab: add SOCK_DESTROY to the netlink mapping tables

Without this, using SOCK_DESTROY in enforcing mode results in:

  SELinux: unrecognized netlink message type=21 for sclass=32

Signed-off-by: Lorenzo Colitti <lorenzo@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
---

diff --git a/security/selinux/nlmsgtab.c b/security/selinux/nlmsgtab.c
index 2bbb41822d8e..8495b9368190 100644
--- a/security/selinux/nlmsgtab.c
+++ b/security/selinux/nlmsgtab.c
@@ -83,6 +83,7 @@ static struct nlmsg_perm nlmsg_tcpdiag_perms[] =
 	{ TCPDIAG_GETSOCK,	NETLINK_TCPDIAG_SOCKET__NLMSG_READ },
 	{ DCCPDIAG_GETSOCK,	NETLINK_TCPDIAG_SOCKET__NLMSG_READ },
 	{ SOCK_DIAG_BY_FAMILY,	NETLINK_TCPDIAG_SOCKET__NLMSG_READ },
+	{ SOCK_DESTROY,		NETLINK_TCPDIAG_SOCKET__NLMSG_WRITE },
 };
 
 static struct nlmsg_perm nlmsg_xfrm_perms[] =