Commit cded3fff authored by Marek Milkovic's avatar Marek Milkovic Committed by Paul Moore

selinux: Print 'sclass' as string when unrecognized netlink message occurs

This prints the 'sclass' field as string instead of index in unrecognized netlink message.
The textual representation makes it easier to distinguish the right class.
Signed-off-by: default avatarMarek Milkovic <mmilkovi@redhat.com>
Acked-by: default avatarStephen Smalley <sds@tycho.nsa.gov>
[PM: 80-char width fixes]
Signed-off-by: default avatarPaul Moore <pmoore@redhat.com>
parent e6e29a4e
...@@ -4713,8 +4713,9 @@ static int selinux_nlmsg_perm(struct sock *sk, struct sk_buff *skb) ...@@ -4713,8 +4713,9 @@ static int selinux_nlmsg_perm(struct sock *sk, struct sk_buff *skb)
if (err == -EINVAL) { if (err == -EINVAL) {
printk(KERN_WARNING printk(KERN_WARNING
"SELinux: unrecognized netlink message:" "SELinux: unrecognized netlink message:"
" protocol=%hu nlmsg_type=%hu sclass=%hu\n", " protocol=%hu nlmsg_type=%hu sclass=%s\n",
sk->sk_protocol, nlh->nlmsg_type, sksec->sclass); sk->sk_protocol, nlh->nlmsg_type,
secclass_map[sksec->sclass - 1].name);
if (!selinux_enforcing || security_get_allow_unknown()) if (!selinux_enforcing || security_get_allow_unknown())
err = 0; err = 0;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment