Commit 75c146da authored by Stephen D. Smalley's avatar Stephen D. Smalley Committed by Linus Torvalds

[PATCH] SELinux: audit any unmapped permissions

This patch changes SELinux to display any permission values that could not
be mapped to names as a hex value when generating an audit message.
Signed-off-by: default avatarStephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: default avatarJames Morris <jmorris@redhat.com>
Signed-off-by: default avatarAndrew Morton <akpm@osdl.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@osdl.org>
parent 11787a9a
......@@ -162,8 +162,10 @@ void avc_dump_av(struct audit_buffer *ab, u16 tclass, u32 av)
i = 0;
perm = 1;
while (perm < common_base) {
if (perm & av)
if (perm & av) {
audit_log_format(ab, " %s", common_pts[i]);
av &= ~perm;
}
i++;
perm <<= 1;
}
......@@ -175,14 +177,19 @@ void avc_dump_av(struct audit_buffer *ab, u16 tclass, u32 av)
(av_perm_to_string[i2].value == perm))
break;
}
if (i2 < ARRAY_SIZE(av_perm_to_string))
if (i2 < ARRAY_SIZE(av_perm_to_string)) {
audit_log_format(ab, " %s",
av_perm_to_string[i2].name);
av &= ~perm;
}
}
i++;
perm <<= 1;
}
if (av)
audit_log_format(ab, " 0x%x", av);
audit_log_format(ab, " }");
}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment