Define smc_socket security class.
Linux kernel commit da69a5306ab9 ("selinux: support distinctions among all
network address families") triggers a build error if a new address family
is added without defining a corresponding SELinux security class. As a
result, the smc_socket class was added to the kernel to resolve a build
failure as part of merge commit 3051bf36c25d that introduced AF_SMC circa
Linux 4.11. Define this security class and its access vector, add
it to the socket_class_set macro, and exclude it from webview_zygote
like other socket classes.
Test: Policy builds
Change-Id: Idbb8139bb09c6d1c47f1a76bd10f4ce1e9d939cb
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
diff --git a/private/access_vectors b/private/access_vectors
index 0e2cf21..ad4624d 100644
--- a/private/access_vectors
+++ b/private/access_vectors
@@ -657,6 +657,9 @@
class qipcrtr_socket
inherits socket
+class smc_socket
+inherits socket
+
class property_service
{
set