diff options
Diffstat (limited to 'security/selinux')
| -rw-r--r-- | security/selinux/hooks.c | 2 | ||||
| -rw-r--r-- | security/selinux/netlink.c | 6 | ||||
| -rw-r--r-- | security/selinux/nlmsgtab.c | 3 |
3 files changed, 7 insertions, 4 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 2253f388234..8641f8894b4 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -659,7 +659,7 @@ static inline u16 socket_type_to_security_class(int family, int type, int protoc return SECCLASS_NETLINK_ROUTE_SOCKET; case NETLINK_FIREWALL: return SECCLASS_NETLINK_FIREWALL_SOCKET; - case NETLINK_TCPDIAG: + case NETLINK_INET_DIAG: return SECCLASS_NETLINK_TCPDIAG_SOCKET; case NETLINK_NFLOG: return SECCLASS_NETLINK_NFLOG_SOCKET; diff --git a/security/selinux/netlink.c b/security/selinux/netlink.c index 18d08acafa7..e203883406d 100644 --- a/security/selinux/netlink.c +++ b/security/selinux/netlink.c @@ -80,7 +80,8 @@ static void selnl_notify(int msgtype, void *data) nlh = NLMSG_PUT(skb, 0, 0, msgtype, len); selnl_add_payload(nlh, len, msgtype, data); nlh->nlmsg_len = skb->tail - tmp; - netlink_broadcast(selnl, skb, 0, SELNL_GRP_AVC, GFP_USER); + NETLINK_CB(skb).dst_group = SELNLGRP_AVC; + netlink_broadcast(selnl, skb, 0, SELNLGRP_AVC, GFP_USER); out: return; @@ -103,7 +104,8 @@ void selnl_notify_policyload(u32 seqno) static int __init selnl_init(void) { - selnl = netlink_kernel_create(NETLINK_SELINUX, NULL); + selnl = netlink_kernel_create(NETLINK_SELINUX, SELNLGRP_MAX, NULL, + THIS_MODULE); if (selnl == NULL) panic("SELinux: Cannot create netlink socket."); netlink_set_nonroot(NETLINK_SELINUX, NL_NONROOT_RECV); diff --git a/security/selinux/nlmsgtab.c b/security/selinux/nlmsgtab.c index 92b057becb4..69b9329b205 100644 --- a/security/selinux/nlmsgtab.c +++ b/security/selinux/nlmsgtab.c @@ -16,7 +16,7 @@ #include <linux/rtnetlink.h> #include <linux/if.h> #include <linux/netfilter_ipv4/ip_queue.h> -#include <linux/tcp_diag.h> +#include <linux/inet_diag.h> #include <linux/xfrm.h> #include <linux/audit.h> @@ -76,6 +76,7 @@ static struct nlmsg_perm nlmsg_firewall_perms[] = static struct nlmsg_perm nlmsg_tcpdiag_perms[] = { { TCPDIAG_GETSOCK, NETLINK_TCPDIAG_SOCKET__NLMSG_READ }, + { DCCPDIAG_GETSOCK, NETLINK_TCPDIAG_SOCKET__NLMSG_READ }, }; static struct nlmsg_perm nlmsg_xfrm_perms[] = |