diff options
| author |   David S. Miller <davem@davemloft.net> | 2019-05-28 21:37:30 -0700 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2019-05-28 21:37:30 -0700 |
| commit | c38e57aecbb4244b1ada82b059a0b79dde7309f9 (patch) | |
| tree | b846b64bcf7696f24db792a5c710a008f643ff4c /security/selinux/nlmsgtab.c | |
| parent | Merge branch 'hns3-next' (diff) | |
| parent | nexthop: Add support for nexthop groups (diff) | |
| download | wireguard-linux-c38e57aecbb4244b1ada82b059a0b79dde7309f9.tar.xz wireguard-linux-c38e57aecbb4244b1ada82b059a0b79dde7309f9.zip | |
Merge branch 'net-API-and-initial-implementation-for-nexthop-objects'
David Ahern says:
====================
net: API and initial implementation for nexthop objects
This set contains the API and initial implementation for nexthops as
standalone objects.
Patch 1 contains the UAPI and updates to selinux struct.
Patch 2 contains the barebones code for nexthop commands, rbtree
maintenance and notifications.
Patch 3 then adds support for IPv4 gateways along with handling of
netdev events.
Patch 4 adds support for IPv6 gateways.
Patch 5 has the implementation of the encap attributes.
Patch 6 adds support for nexthop groups.
At the end of this set, nexthop objects can be created and deleted and
userspace can monitor nexthop events, but ipv4 and ipv6 routes can not
use them yet. Once the nexthop struct is defined, follow on sets add it
to fib{6}_info and handle it within the respective code before routes
can be inserted using them.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'security/selinux/nlmsgtab.c')
| -rw-r--r-- | security/selinux/nlmsgtab.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/security/selinux/nlmsgtab.c b/security/selinux/nlmsgtab.c index 9cec81209617..2c75d823d8e2 100644 --- a/security/selinux/nlmsgtab.c +++ b/security/selinux/nlmsgtab.c @@ -83,6 +83,9 @@ static const struct nlmsg_perm nlmsg_route_perms[] = { RTM_NEWCHAIN, NETLINK_ROUTE_SOCKET__NLMSG_WRITE }, { RTM_DELCHAIN, NETLINK_ROUTE_SOCKET__NLMSG_WRITE }, { RTM_GETCHAIN, NETLINK_ROUTE_SOCKET__NLMSG_READ }, + { RTM_NEWNEXTHOP, NETLINK_ROUTE_SOCKET__NLMSG_WRITE }, + { RTM_DELNEXTHOP, NETLINK_ROUTE_SOCKET__NLMSG_WRITE }, + { RTM_GETNEXTHOP, NETLINK_ROUTE_SOCKET__NLMSG_READ }, }; static const struct nlmsg_perm nlmsg_tcpdiag_perms[] = @@ -166,7 +169,7 @@ int selinux_nlmsg_lookup(u16 sclass, u16 nlmsg_type, u32 *perm) * structures at the top of this file with the new mappings * before updating the BUILD_BUG_ON() macro! */ - BUILD_BUG_ON(RTM_MAX != (RTM_NEWCHAIN + 3)); + BUILD_BUG_ON(RTM_MAX != (RTM_NEWNEXTHOP + 3)); err = nlmsg_perm(nlmsg_type, perm, nlmsg_route_perms, sizeof(nlmsg_route_perms)); break; |