From 384d8a7bf4a346b50469cc8b6bbee5d7f386ed92 Mon Sep 17 00:00:00 2001 From: Daniel Burgener Date: Wed, 23 Oct 2024 12:40:22 -0400 Subject: [PATCH] Add parse check for new netlink xperm support Based on documentation here: https://github.com/SELinuxProject/selinux-notebook/pull/40/files This test already passes out of the box, because our XPERM parse support is pretty generic, but I figure its worth being more explicit in our test files. --- tests/sample_policy_files/uncommon.te | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/sample_policy_files/uncommon.te b/tests/sample_policy_files/uncommon.te index 0de4a00..581392d 100644 --- a/tests/sample_policy_files/uncommon.te +++ b/tests/sample_policy_files/uncommon.te @@ -160,3 +160,5 @@ optional_policy(` ') filetrans_pattern(foo_t, bar_run_t, baz_run_t, dir, ``"interface"'') + +allowxperm src_t tgt_t: netlink_route_socket nlmsg { RTM_GETROUTE 0x44 };