Commit 5f409cbc authored Feb 05, 2025 by Thiébaud Weksteen Committed by Greg Kroah-Hartman Feb 19, 2025

ANDROID: selinux: modify RTM_GETNEIGH{TBL}



Map the permission gating RTM_GETNEIGH/RTM_GETNEIGHTBL messages to a
new permission so that it can be distinguished from the other netlink
route permissions in selinux policy. The new permission is triggered by
a flag set in system images T and up.

While the kernel supports the new nlmsg extended permission, the policy
does not yet contain the new rules. Keep the support for the
Android-specific policy until the new policy lands.

Bug: 392913234
Bug: 353255679
Test: atest CtsSelinuxTargetSdk25TestCases
Test: atest CtsSelinuxTargetSdk27TestCases
Test: atest CtsSelinuxTargetSdk28TestCases
Test: atest CtsSelinuxTargetSdk29TestCases
Test: atest CtsSelinuxTargetSdk30TestCases
Test: atest CtsSelinuxTargetSdkCurrentTestCases
Signed-off-by: Bram Bonné <brambonne@google.com>
Signed-off-by: Thiébaud Weksteen <tweek@google.com>
Change-Id: I8b34841d7afc97ec1db5dc01444fa26eb68a6e4b

parent b4563881

Show whitespace changes

Inline Side-by-side

CodeLinaro @codelinaro
mentioned in commit 5b51c9c5
· Nov 05, 2025

mentioned in commit 5b51c9c5

mentioned in commit 5b51c9c5d5c278a5a510f1aba0e5ccb12ce41548

Toggle commit list

Please to comment