[PATCH] SELinux: audit task comm if exe cannot be determined

This patch ensures that the comm is included in the audit message if avc_audit is unable to determine the exe due to the mmap_sem being held. This is helpful in tracking down the causes of permission denials that occur in the mmap/mprotect hooks. Signed-off-by: Stephen Smalley <sds@epoch.ncsc.mil> Signed-off-by: James Morris <jmorris@redhat.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>

[PATCH] SELinux: audit task comm if exe cannot be determined
This patch ensures that the comm is included in the audit message if avc_audit is unable to determine the exe due to the mmap_sem being held. This is helpful in tracking down the causes of permission denials that occur in the mmap/mprotect hooks. Signed-off-by: Stephen Smalley <sds@epoch.ncsc.mil> Signed-off-by: James Morris <jmorris@redhat.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
0b6e573e · Stephen D. Smalley · Linus Torvalds · 8a6f1605 · 0b6e573e
Commit 0b6e573e authored Jan 04, 2005 by Stephen D. Smalley Committed by Linus Torvalds Jan 04, 2005
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 0 deletions

security/selinux/avc.c security/selinux/avc.c +2 -0

No files found.
--- a/security/selinux/avc.c
+++ b/security/selinux/avc.c
@@ -573,6 +573,8 @@ void avc_audit(u32 ssid, u32 tsid,
 					vma = vma->vm_next;
 				}
 				up_read(&mm->mmap_sem);
+			} else {
+				audit_log_format(ab, " comm=%s", tsk->comm);
 			}
 			if (tsk != current)
 				mmput(mm);