From 181298ab8b7f0989f1e76df73000b6d1b80c7670 Mon Sep 17 00:00:00 2001
From: Jason Zaman <jason@perfinion.com>
Date: Tue, 10 Jul 2018 23:03:14 +0800
Subject: [PATCH] selinux: compute_access_vector requires creating
 netlink_selinux_sockets

---
 policy/modules/kernel/selinux.if | 1 +
 1 file changed, 1 insertion(+)

diff --git a/policy/modules/kernel/selinux.if b/policy/modules/kernel/selinux.if
index 8123b25f1..6790e5d0f 100644
--- a/policy/modules/kernel/selinux.if
+++ b/policy/modules/kernel/selinux.if
@@ -534,6 +534,7 @@ interface(`selinux_compute_access_vector',`
 	')
 
 	dev_search_sysfs($1)
+	allow $1 self:netlink_selinux_socket create_socket_perms;
 	allow $1 security_t:dir list_dir_perms;
 	allow $1 security_t:file rw_file_perms;
 	allow $1 security_t:security compute_av;