diff options
Diffstat (limited to 'policy')
| -rw-r--r-- | policy/flask/access_vectors | 3 | ||||
| -rw-r--r-- | policy/flask/security_classes | 1 | ||||
| -rw-r--r-- | policy/policy_capabilities | 1 | ||||
| -rw-r--r-- | policy/support/obj_perm_sets.spt | 2 |
4 files changed, 6 insertions, 1 deletions
diff --git a/policy/flask/access_vectors b/policy/flask/access_vectors index 6204e687f..7652a313f 100644 --- a/policy/flask/access_vectors +++ b/policy/flask/access_vectors @@ -1059,3 +1059,6 @@ inherits socket class qipcrtr_socket inherits socket + +class smc_socket +inherits socket diff --git a/policy/flask/security_classes b/policy/flask/security_classes index 18f18fd8e..18c4f9748 100644 --- a/policy/flask/security_classes +++ b/policy/flask/security_classes @@ -182,5 +182,6 @@ class nfc_socket class vsock_socket class kcm_socket class qipcrtr_socket +class smc_socket # FLASK diff --git a/policy/policy_capabilities b/policy/policy_capabilities index 39e393013..e0ff6e306 100644 --- a/policy/policy_capabilities +++ b/policy/policy_capabilities @@ -77,6 +77,7 @@ policycap open_perms; # vsock_socket # kcm_socket # qipcrtr_socket +# smc_socket # # Available in kernel 4.11+. # Requires libsepol 2.7+ to build policy with this enabled. diff --git a/policy/support/obj_perm_sets.spt b/policy/support/obj_perm_sets.spt index 5eb74cd8a..938a6cd78 100644 --- a/policy/support/obj_perm_sets.spt +++ b/policy/support/obj_perm_sets.spt @@ -34,7 +34,7 @@ define(`devfile_class_set', `{ blk_file chr_file }') # # All socket classes. # -define(`socket_class_set', `{ tcp_socket udp_socket rawip_socket netlink_socket packet_socket unix_stream_socket unix_dgram_socket appletalk_socket netlink_route_socket netlink_firewall_socket netlink_tcpdiag_socket netlink_nflog_socket netlink_xfrm_socket netlink_selinux_socket netlink_audit_socket netlink_ip6fw_socket netlink_dnrt_socket netlink_kobject_uevent_socket tun_socket netlink_iscsi_socket netlink_fib_lookup_socket netlink_connector_socket netlink_netfilter_socket netlink_generic_socket netlink_scsitransport_socket netlink_rdma_socket netlink_crypto_socket sctp_socket icmp_socket ax25_socket ipx_socket netrom_socket atmpvc_socket x25_socket rose_socket decnet_socket atmsvc_socket rds_socket irda_socket pppox_socket llc_socket can_socket tipc_socket bluetooth_socket iucv_socket rxrpc_socket isdn_socket phonet_socket ieee802154_socket caif_socket alg_socket nfc_socket vsock_socket kcm_socket qipcrtr_socket}') +define(`socket_class_set', `{ tcp_socket udp_socket rawip_socket netlink_socket packet_socket unix_stream_socket unix_dgram_socket appletalk_socket netlink_route_socket netlink_firewall_socket netlink_tcpdiag_socket netlink_nflog_socket netlink_xfrm_socket netlink_selinux_socket netlink_audit_socket netlink_ip6fw_socket netlink_dnrt_socket netlink_kobject_uevent_socket tun_socket netlink_iscsi_socket netlink_fib_lookup_socket netlink_connector_socket netlink_netfilter_socket netlink_generic_socket netlink_scsitransport_socket netlink_rdma_socket netlink_crypto_socket sctp_socket icmp_socket ax25_socket ipx_socket netrom_socket atmpvc_socket x25_socket rose_socket decnet_socket atmsvc_socket rds_socket irda_socket pppox_socket llc_socket can_socket tipc_socket bluetooth_socket iucv_socket rxrpc_socket isdn_socket phonet_socket ieee802154_socket caif_socket alg_socket nfc_socket vsock_socket kcm_socket qipcrtr_socket smc_socket }') # # Datagram socket classes. |