From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755392AbbDIMdc (ORCPT ); Thu, 9 Apr 2015 08:33:32 -0400 Received: from emvm-gh1-uea09.nsa.gov ([63.239.67.10]:53466 "EHLO emvm-gh1-uea09.nsa.gov" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753616AbbDIMd3 (ORCPT ); Thu, 9 Apr 2015 08:33:29 -0400 X-TM-IMSS-Message-ID: Message-ID: <55267162.7050304@tycho.nsa.gov> Date: Thu, 09 Apr 2015 08:32:34 -0400 From: Stephen Smalley Organization: National Security Agency User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.5.0 MIME-Version: 1.0 To: Nicolas Dichtel , davem@davemloft.net CC: netdev@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, Paul Moore Subject: Re: [PATCH net-next 3/5] selinux/nlmsg: add XFRM_MSG_NEWSPDINFO References: <1428511002-22329-1-git-send-email-nicolas.dichtel@6wind.com> <1428511002-22329-4-git-send-email-nicolas.dichtel@6wind.com> In-Reply-To: <1428511002-22329-4-git-send-email-nicolas.dichtel@6wind.com> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 04/08/2015 12:36 PM, Nicolas Dichtel wrote: > This new command is missing. > > Fixes: 880a6fab8f6b ("xfrm: configure policy hash table thresholds by netlink") > Reported-by: Christophe Gouault > Signed-off-by: Nicolas Dichtel > --- > security/selinux/nlmsgtab.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/security/selinux/nlmsgtab.c b/security/selinux/nlmsgtab.c > index c8cee0766b60..4bc90c2aaea2 100644 > --- a/security/selinux/nlmsgtab.c > +++ b/security/selinux/nlmsgtab.c > @@ -103,6 +103,7 @@ static struct nlmsg_perm nlmsg_xfrm_perms[] = > { XFRM_MSG_FLUSHPOLICY, NETLINK_XFRM_SOCKET__NLMSG_WRITE }, > { XFRM_MSG_NEWAE, NETLINK_XFRM_SOCKET__NLMSG_WRITE }, > { XFRM_MSG_GETAE, NETLINK_XFRM_SOCKET__NLMSG_READ }, > + { XFRM_MSG_NEWSPDINFO, NETLINK_XFRM_SOCKET__NLMSG_WRITE }, > }; > > static struct nlmsg_perm nlmsg_audit_perms[] = > Seem to be missing a number of the other commands defined in include/uapi/linux/xfrm.h as well, e.g. XFRM_MSG_REPORT, XFRM_MSG_MIGRATE, XFRM_MSG_NEWSADINFO, XFRM_MSG_GETSADINFO, XFRM_MSG_GETSPDINFO, XFRM_MSG_MAPPING.