ANDROID: selinux: modify RTM_GETNEIGH{TBL} (5f409cbc) · Commits · CodeLinaro / la / kernel / gs

Commit 5f409cbc authored 2 months ago by Thiébaud Weksteen Committed by Greg Kroah-Hartman 2 months ago

ANDROID: selinux: modify RTM_GETNEIGH{TBL}


Map the permission gating RTM_GETNEIGH/RTM_GETNEIGHTBL messages to a
new permission so that it can be distinguished from the other netlink
route permissions in selinux policy. The new permission is triggered by
a flag set in system images T and up.

While the kernel supports the new nlmsg extended permission, the policy
does not yet contain the new rules. Keep the support for the
Android-specific policy until the new policy lands.

Bug: 392913234
Bug: 353255679
Test: atest CtsSelinuxTargetSdk25TestCases
Test: atest CtsSelinuxTargetSdk27TestCases
Test: atest CtsSelinuxTargetSdk28TestCases
Test: atest CtsSelinuxTargetSdk29TestCases
Test: atest CtsSelinuxTargetSdk30TestCases
Test: atest CtsSelinuxTargetSdkCurrentTestCases
Signed-off-by: Bram Bonné <brambonne@google.com>
Signed-off-by: Thiébaud Weksteen <tweek@google.com>
Change-Id: I8b34841d7afc97ec1db5dc01444fa26eb68a6e4b

parent b4563881

No related branches found

No related tags found

Hide whitespace changes

Inline Side-by-side

Showing with 23 additions and 1 deletion

Please register or to comment