| Message ID | 1471965682.30659.22.camel@trentalancia.net (mailing list archive) |
|---|---|
| State | Not Applicable |
| Headers | show |
diff -pru libsepol-git-23082016/include/sepol/policydb/polcaps.h libsepol-git-23082016-alg_socket/include/sepol/policydb/polcaps.h --- libsepol-git-23082016/include/sepol/policydb/polcaps.h 2016-08-23 17:08:58.690837319 +0200 +++ libsepol-git-23082016-alg_socket/include/sepol/policydb/polcaps.h 2016-08-23 17:13:52.794644956 +0200 @@ -11,6 +11,7 @@ enum { POLICYDB_CAPABILITY_OPENPERM, POLICYDB_CAPABILITY_REDHAT1, /* reserved for RH testing of ptrace_child */ POLICYDB_CAPABILITY_ALWAYSNETWORK, + POLICYDB_CAPABILITY_ALGSOCKET, /* Crypto API socket namespace */ __POLICYDB_CAPABILITY_MAX }; #define POLICYDB_CAPABILITY_MAX (__POLICYDB_CAPABILITY_MAX - 1) diff -pru libsepol-git-23082016/src/polcaps.c libsepol-git-23082016-alg_socket/src/polcaps.c --- libsepol-git-23082016/src/polcaps.c 2016-08-23 17:08:58.696837395 +0200 +++ libsepol-git-23082016-alg_socket/src/polcaps.c 2016-08-23 17:11:49.145026939 +0200 @@ -10,6 +10,7 @@ static const char *polcap_names[] = { "open_perms", /* POLICYDB_CAPABILITY_OPENPERM */ "redhat1", /* POLICYDB_CAPABILITY_REDHAT1, aka ptrace_child */ "always_check_network", /* POLICYDB_CAPABILITY_ALWAYSNETWORK */ + "alg_socket", /* POLICYDB_CAPABILITY_ALGSOCKET (Crypto API socket namespace) */ NULL };
Update libsepol with the new policy capability needed to classify sockets in the AF_ALG namespace (Crypto API). Signed-off-by: Guido Trentalancia <guido@trentalancia.net> --- include/sepol/policydb/polcaps.h | 1 + src/polcaps.c | 1 + 2 files changed, 2 insertions(+)