classmap.h (320424c7d44f54c18df9812fd7c45f6963524002) classmap.h (bc49d8169aa72295104f1558830c568efb946315)
1/* SPDX-License-Identifier: GPL-2.0 */
2#include <linux/capability.h>
3#include <linux/socket.h>
4
5#define COMMON_FILE_SOCK_PERMS "ioctl", "read", "write", "create", \
6 "getattr", "setattr", "lock", "relabelfrom", "relabelto", "append", "map"
7
8#define COMMON_FILE_PERMS COMMON_FILE_SOCK_PERMS, "unlink", "link", \

--- 232 unchanged lines hidden (view full) ---

241 { "access", NULL } },
242 { "infiniband_endport",
243 { "manage_subnet", NULL } },
244 { "bpf",
245 { "map_create", "map_read", "map_write", "prog_load", "prog_run",
246 NULL } },
247 { "xdp_socket",
248 { COMMON_SOCK_PERMS, NULL } },
1/* SPDX-License-Identifier: GPL-2.0 */
2#include <linux/capability.h>
3#include <linux/socket.h>
4
5#define COMMON_FILE_SOCK_PERMS "ioctl", "read", "write", "create", \
6 "getattr", "setattr", "lock", "relabelfrom", "relabelto", "append", "map"
7
8#define COMMON_FILE_PERMS COMMON_FILE_SOCK_PERMS, "unlink", "link", \

--- 232 unchanged lines hidden (view full) ---

241 { "access", NULL } },
242 { "infiniband_endport",
243 { "manage_subnet", NULL } },
244 { "bpf",
245 { "map_create", "map_read", "map_write", "prog_load", "prog_run",
246 NULL } },
247 { "xdp_socket",
248 { COMMON_SOCK_PERMS, NULL } },
249 { "mctp_socket",
250 { COMMON_SOCK_PERMS, NULL } },
249 { "perf_event",
250 { "open", "cpu", "kernel", "tracepoint", "read", "write", NULL } },
251 { "lockdown",
252 { "integrity", "confidentiality", NULL } },
253 { "anon_inode",
254 { COMMON_FILE_PERMS, NULL } },
255 { NULL }
256 };
257
251 { "perf_event",
252 { "open", "cpu", "kernel", "tracepoint", "read", "write", NULL } },
253 { "lockdown",
254 { "integrity", "confidentiality", NULL } },
255 { "anon_inode",
256 { COMMON_FILE_PERMS, NULL } },
257 { NULL }
258 };
259
258#if PF_MAX > 45
260#if PF_MAX > 46
259#error New address family defined, please update secclass_map.
260#endif
261#error New address family defined, please update secclass_map.
262#endif