Commit 581abc09 authored by Eric W. Biederman's avatar Eric W. Biederman

userns: Convert selinux to use kuid and kgid where appropriate

Cc: Stephen Smalley <sds@tycho.nsa.gov>
Cc: James Morris <james.l.morris@oracle.com>
Cc: Eric Paris <eparis@parisplace.org>
Signed-off-by: default avatar"Eric W. Biederman" <ebiederm@xmission.com>
parent 609fcd1b
...@@ -174,7 +174,7 @@ static ssize_t sel_write_enforce(struct file *file, const char __user *buf, ...@@ -174,7 +174,7 @@ static ssize_t sel_write_enforce(struct file *file, const char __user *buf,
audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_STATUS, audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_STATUS,
"enforcing=%d old_enforcing=%d auid=%u ses=%u", "enforcing=%d old_enforcing=%d auid=%u ses=%u",
new_value, selinux_enforcing, new_value, selinux_enforcing,
audit_get_loginuid(current), from_kuid(&init_user_ns, audit_get_loginuid(current)),
audit_get_sessionid(current)); audit_get_sessionid(current));
selinux_enforcing = new_value; selinux_enforcing = new_value;
if (selinux_enforcing) if (selinux_enforcing)
...@@ -305,7 +305,7 @@ static ssize_t sel_write_disable(struct file *file, const char __user *buf, ...@@ -305,7 +305,7 @@ static ssize_t sel_write_disable(struct file *file, const char __user *buf,
goto out; goto out;
audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_STATUS, audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_STATUS,
"selinux=0 auid=%u ses=%u", "selinux=0 auid=%u ses=%u",
audit_get_loginuid(current), from_kuid(&init_user_ns, audit_get_loginuid(current)),
audit_get_sessionid(current)); audit_get_sessionid(current));
} }
...@@ -551,7 +551,7 @@ static ssize_t sel_write_load(struct file *file, const char __user *buf, ...@@ -551,7 +551,7 @@ static ssize_t sel_write_load(struct file *file, const char __user *buf,
out1: out1:
audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_POLICY_LOAD, audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_POLICY_LOAD,
"policy loaded auid=%u ses=%u", "policy loaded auid=%u ses=%u",
audit_get_loginuid(current), from_kuid(&init_user_ns, audit_get_loginuid(current)),
audit_get_sessionid(current)); audit_get_sessionid(current));
out: out:
mutex_unlock(&sel_mutex); mutex_unlock(&sel_mutex);
......
...@@ -2440,7 +2440,7 @@ int security_set_bools(int len, int *values) ...@@ -2440,7 +2440,7 @@ int security_set_bools(int len, int *values)
sym_name(&policydb, SYM_BOOLS, i), sym_name(&policydb, SYM_BOOLS, i),
!!values[i], !!values[i],
policydb.bool_val_to_struct[i]->state, policydb.bool_val_to_struct[i]->state,
audit_get_loginuid(current), from_kuid(&init_user_ns, audit_get_loginuid(current)),
audit_get_sessionid(current)); audit_get_sessionid(current));
} }
if (values[i]) if (values[i])
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment