diff options
| author | Olof Johansson <olof@lixom.net> | 2018-12-31 11:54:03 -0800 |
|---|---|---|
| committer | Olof Johansson <olof@lixom.net> | 2018-12-31 11:54:03 -0800 |
| commit | cac1fc8fb561ac766468394d49c3dd11a2b8cb44 (patch) | |
| tree | 5483f72b13b766cfbd6f025d2a828fef3d1d0203 /security/selinux/nlmsgtab.c | |
| parent | bd3fde386decf09317ff4a07cd0d05380a22f525 (diff) | |
| parent | 54518ed45734bb7ebf2773b1d32120c62338cc93 (diff) | |
| download | lwn-cac1fc8fb561ac766468394d49c3dd11a2b8cb44.tar.gz lwn-cac1fc8fb561ac766468394d49c3dd11a2b8cb44.zip | |
Merge branch 'fixes' into next/soc
Merge in fixes here, since the last batch didn't make it in before the
release of 4.20, and we might as well group them with this set of
patches.
* fixes: (822 commits)
arm64: dts: renesas: draak: Fix CVBS input
ARM: dts: Fix OMAP4430 SDP Ethernet startup
ARM: dts: am335x-pdu001: Fix polarity of card detection input
ARM: OMAP1: ams-delta: Fix audio permanently muted
ARM: dts: omap5: Fix dual-role mode on Super-Speed port
arm64: dts: rockchip: fix rk3399-rockpro64 regulator gpios
ARM: dts: imx7d-nitrogen7: Fix the description of the Wifi clock
ARM: imx: update the cpu power up timing setting on i.mx6sx
Revert "arm64: dts: marvell: add CPU Idle power state support on Armada 7K/8K"
ARM: dts: imx7d-pico: Describe the Wifi clock
ARM: dts: realview: Fix some more duplicate regulator nodes
MAINTAINERS: update entry for MMP platform
ARM: mmp/mmp2: fix cpu_is_mmp2() on mmp2-dt
MAINTAINERS: mediatek: Update SoC entry
ARM: dts: bcm2837: Fix polarity of wifi reset GPIOs
+ Linux 4.20-rc5
Signed-off-by: Olof Johansson <olof@lixom.net>
Diffstat (limited to 'security/selinux/nlmsgtab.c')
| -rw-r--r-- | security/selinux/nlmsgtab.c | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/security/selinux/nlmsgtab.c b/security/selinux/nlmsgtab.c index 74b951f55608..9cec81209617 100644 --- a/security/selinux/nlmsgtab.c +++ b/security/selinux/nlmsgtab.c @@ -80,6 +80,9 @@ static const struct nlmsg_perm nlmsg_route_perms[] = { RTM_NEWSTATS, NETLINK_ROUTE_SOCKET__NLMSG_READ }, { RTM_GETSTATS, NETLINK_ROUTE_SOCKET__NLMSG_READ }, { RTM_NEWCACHEREPORT, NETLINK_ROUTE_SOCKET__NLMSG_READ }, + { RTM_NEWCHAIN, NETLINK_ROUTE_SOCKET__NLMSG_WRITE }, + { RTM_DELCHAIN, NETLINK_ROUTE_SOCKET__NLMSG_WRITE }, + { RTM_GETCHAIN, NETLINK_ROUTE_SOCKET__NLMSG_READ }, }; static const struct nlmsg_perm nlmsg_tcpdiag_perms[] = @@ -158,7 +161,11 @@ int selinux_nlmsg_lookup(u16 sclass, u16 nlmsg_type, u32 *perm) switch (sclass) { case SECCLASS_NETLINK_ROUTE_SOCKET: - /* RTM_MAX always point to RTM_SETxxxx, ie RTM_NEWxxx + 3 */ + /* RTM_MAX always points to RTM_SETxxxx, ie RTM_NEWxxx + 3. + * If the BUILD_BUG_ON() below fails you must update the + * structures at the top of this file with the new mappings + * before updating the BUILD_BUG_ON() macro! + */ BUILD_BUG_ON(RTM_MAX != (RTM_NEWCHAIN + 3)); err = nlmsg_perm(nlmsg_type, perm, nlmsg_route_perms, sizeof(nlmsg_route_perms)); @@ -170,6 +177,10 @@ int selinux_nlmsg_lookup(u16 sclass, u16 nlmsg_type, u32 *perm) break; case SECCLASS_NETLINK_XFRM_SOCKET: + /* If the BUILD_BUG_ON() below fails you must update the + * structures at the top of this file with the new mappings + * before updating the BUILD_BUG_ON() macro! + */ BUILD_BUG_ON(XFRM_MSG_MAX != XFRM_MSG_MAPPING); err = nlmsg_perm(nlmsg_type, perm, nlmsg_xfrm_perms, sizeof(nlmsg_xfrm_perms)); |