rpms/kernel/F-10 linux-2.6-selinux-recognise-addrlabel.patch, NONE, 1.1 kernel.spec, 1.1157, 1.1158

Dave Jones davej at fedoraproject.org
Wed Nov 19 21:08:22 UTC 2008 

Author: davej

Update of /cvs/pkgs/rpms/kernel/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv11157

Modified Files:
	kernel.spec 
Added Files:
	linux-2.6-selinux-recognise-addrlabel.patch 
Log Message:
selinux: recognize netlink messages for 'ip addrlabel' (#469423)

linux-2.6-selinux-recognise-addrlabel.patch:

--- NEW FILE linux-2.6-selinux-recognise-addrlabel.patch ---
diff --git a/security/selinux/nlmsgtab.c b/security/selinux/nlmsgtab.c
index ff59c0c..4ed7bab 100644
--- a/security/selinux/nlmsgtab.c
+++ b/security/selinux/nlmsgtab.c
@@ -63,6 +63,9 @@ static struct nlmsg_perm nlmsg_route_perms[] =
 	{ RTM_GETANYCAST,	NETLINK_ROUTE_SOCKET__NLMSG_READ  },
 	{ RTM_GETNEIGHTBL,	NETLINK_ROUTE_SOCKET__NLMSG_READ  },
 	{ RTM_SETNEIGHTBL,	NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
+	{ RTM_NEWADDRLABEL,	NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
+	{ RTM_DELADDRLABEL,	NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
+	{ RTM_GETADDRLABEL,	NETLINK_ROUTE_SOCKET__NLMSG_READ  },
 };
 
 static struct nlmsg_perm nlmsg_firewall_perms[] =
-- 
1.6.0.3



Index: kernel.spec
===================================================================
RCS file: /cvs/pkgs/rpms/kernel/F-10/kernel.spec,v
retrieving revision 1.1157
retrieving revision 1.1158
diff -u -r1.1157 -r1.1158
--- kernel.spec	19 Nov 2008 20:29:29 -0000	1.1157
+++ kernel.spec	19 Nov 2008 21:07:51 -0000	1.1158
@@ -631,6 +631,7 @@
 Patch530: linux-2.6-silence-fbcon-logo.patch
 Patch570: linux-2.6-selinux-mprotect-checks.patch
 Patch580: linux-2.6-sparc-selinux-mprotect-checks.patch
+Patch590: linux-2.6-selinux-recognise-addrlabel.patch
 
 Patch670: linux-2.6-ata-quirk.patch
 Patch672: linux-2.6-libata-avoid-overflow-with-large-disks.patch
@@ -1240,6 +1241,8 @@
 ApplyPatch linux-2.6-selinux-mprotect-checks.patch
 # Fix SELinux for sparc
 ApplyPatch linux-2.6-sparc-selinux-mprotect-checks.patch
+# selinux: recognize netlink messages for 'ip addrlabel'
+ApplyPatch linux-2.6-selinux-recognise-addrlabel.patch
 
 # Changes to upstream defaults.
 
@@ -1935,6 +1938,9 @@
 %kernel_variant_files -k vmlinux %{with_kdump} kdump
 
 %changelog
+* Wed Nov 19 2008 Dave Jones <davej at redhat.com> 2.6.27.5-122
+- selinux: recognize netlink messages for 'ip addrlabel' (#469423)
+
 * Wed Nov 19 2008 Hans de Goede <hdegoede at redhat.com> 2.6.27.5-121
 - Update uvcvideo to latest git
 - Patch uvcvideo to not make older logitech cams crash (bz 472217)

More information about the fedora-extras-commits mailing list