xiaomi-sm8450/android_kernel_xiaomi_sm8450
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

selinux: drop unused socket security classes

Browse Source 
Several of the extended socket classes introduced by
commit da69a5306a ("selinux: support distinctions
among all network address families") are never used because
sockets can never be created with the associated address family.
Remove these unused socket security classes.  The removed classes
are bridge_socket for PF_BRIDGE, ib_socket for PF_IB, and mpls_socket
for PF_MPLS.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Paul Moore <paul@paul-moore.com>
This commit is contained in:
Stephen Smalley
2017-01-11 16:33:54 -05:00
committed by Paul Moore
parent 900fde06cb
commit b4ba35c75a
2 changed files with 0 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
security/selinux/include/classmap.h
View File

@@ -183,8 +183,6 @@ struct security_class_mapping secclass_map[] = {
{ COMMON_SOCK_PERMS, NULL } },
{ "netrom_socket",
{ COMMON_SOCK_PERMS, NULL } },
{ "bridge_socket",
{ COMMON_SOCK_PERMS, NULL } },
{ "atmpvc_socket",
{ COMMON_SOCK_PERMS, NULL } },
{ "x25_socket",
@@ -203,10 +201,6 @@ struct security_class_mapping secclass_map[] = {
{ COMMON_SOCK_PERMS, NULL } },
{ "llc_socket",
{ COMMON_SOCK_PERMS, NULL } },
{ "ib_socket",
{ COMMON_SOCK_PERMS, NULL } },
{ "mpls_socket",
{ COMMON_SOCK_PERMS, NULL } },
{ "can_socket",
{ COMMON_SOCK_PERMS, NULL } },
{ "tipc_socket",