From 0c9b79429c83a404a04908be65baa9d97836bbb6 Mon Sep 17 00:00:00 2001
From: James Morris <jmorris@redhat.com>
Date: Sat, 16 Apr 2005 15:24:13 -0700
Subject: [PATCH] SELinux: add support for NETLINK_KOBJECT_UEVENT

This patch adds SELinux support for the KOBJECT_UEVENT Netlink family, so
that SELinux can apply finer grained controls to it.  For example, security
policy for hald can be locked down to the KOBJECT_UEVENT Netlink family
only.  Currently, this family simply defaults to the default Netlink socket
class.

Note that some new permission definitions are added to sync with changes in
the core userspace policy package, which auto-generates header files.

Signed-off-by: James Morris <jmorris@redhat.com>
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
---
 security/selinux/include/av_inherit.h | 1 +
 1 file changed, 1 insertion(+)

(limited to 'security/selinux/include/av_inherit.h')

diff --git a/security/selinux/include/av_inherit.h b/security/selinux/include/av_inherit.h
index 9facb27822a..b0e6b12931c 100644
--- a/security/selinux/include/av_inherit.h
+++ b/security/selinux/include/av_inherit.h
@@ -28,3 +28,4 @@
    S_(SECCLASS_NETLINK_AUDIT_SOCKET, socket, 0x00400000UL)
    S_(SECCLASS_NETLINK_IP6FW_SOCKET, socket, 0x00400000UL)
    S_(SECCLASS_NETLINK_DNRT_SOCKET, socket, 0x00400000UL)
+   S_(SECCLASS_NETLINK_KOBJECT_UEVENT_SOCKET, socket, 0x00400000UL)
-- 
cgit v1.2.3