From: pebenito@ieee.org (Chris PeBenito)
Date: Tue, 10 Jul 2018 20:08:14 -0400
Subject: [refpolicy] [PATCH 1/5] selinux: compute_access_vector requires
 creating netlink_selinux_sockets
In-Reply-To: <20180710150318.49873-1-jason@perfinion.com>
References: <20180710150318.49873-1-jason@perfinion.com>
Message-ID: <80097367-7ed6-0ef8-320d-87a493682ba0@ieee.org>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 07/10/2018 11:03 AM, Jason Zaman wrote:
> ---
>   policy/modules/kernel/selinux.if | 1 +
>   1 file changed, 1 insertion(+)
> 
> diff --git a/policy/modules/kernel/selinux.if b/policy/modules/kernel/selinux.if
> index 8123b25f..6790e5d0 100644
> --- a/policy/modules/kernel/selinux.if
> +++ b/policy/modules/kernel/selinux.if
> @@ -534,6 +534,7 @@ interface(`selinux_compute_access_vector',`
>   	')
>   
>   	dev_search_sysfs($1)
> +	allow $1 self:netlink_selinux_socket create_socket_perms;
>   	allow $1 security_t:dir list_dir_perms;
>   	allow $1 security_t:file rw_file_perms;
>   	allow $1 security_t:security compute_av;

Merged.

-- 
Chris PeBenito