From b4ba35c75a0671a06b978b6386b54148efddf39f Mon Sep 17 00:00:00 2001
From: Stephen Smalley <sds@tycho.nsa.gov>
Date: Wed, 11 Jan 2017 16:33:54 -0500
Subject: selinux: drop unused socket security classes

Several of the extended socket classes introduced by
commit da69a5306ab92e07 ("selinux: support distinctions
among all network address families") are never used because
sockets can never be created with the associated address family.
Remove these unused socket security classes.  The removed classes
are bridge_socket for PF_BRIDGE, ib_socket for PF_IB, and mpls_socket
for PF_MPLS.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Paul Moore <paul@paul-moore.com>
---
 security/selinux/include/classmap.h | 6 ------
 1 file changed, 6 deletions(-)

(limited to 'security/selinux/include/classmap.h')

diff --git a/security/selinux/include/classmap.h b/security/selinux/include/classmap.h
index 0dfd26d0b8d8..7898ffa6d3e6 100644
--- a/security/selinux/include/classmap.h
+++ b/security/selinux/include/classmap.h
@@ -183,8 +183,6 @@ struct security_class_mapping secclass_map[] = {
 	  { COMMON_SOCK_PERMS, NULL } },
 	{ "netrom_socket",
 	  { COMMON_SOCK_PERMS, NULL } },
-	{ "bridge_socket",
-	  { COMMON_SOCK_PERMS, NULL } },
 	{ "atmpvc_socket",
 	  { COMMON_SOCK_PERMS, NULL } },
 	{ "x25_socket",
@@ -203,10 +201,6 @@ struct security_class_mapping secclass_map[] = {
 	  { COMMON_SOCK_PERMS, NULL } },
 	{ "llc_socket",
 	  { COMMON_SOCK_PERMS, NULL } },
-	{ "ib_socket",
-	  { COMMON_SOCK_PERMS, NULL } },
-	{ "mpls_socket",
-	  { COMMON_SOCK_PERMS, NULL } },
 	{ "can_socket",
 	  { COMMON_SOCK_PERMS, NULL } },
 	{ "tipc_socket",
-- 
cgit v1.2.3