diff options
Diffstat (limited to 'security/tomoyo/audit.c')
-rw-r--r-- | security/tomoyo/audit.c | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/security/tomoyo/audit.c b/security/tomoyo/audit.c index 4973edd4071..b33a20accbe 100644 --- a/security/tomoyo/audit.c +++ b/security/tomoyo/audit.c | |||
@@ -140,6 +140,8 @@ char *tomoyo_init_log(struct tomoyo_request_info *r, int len, const char *fmt, | |||
140 | { | 140 | { |
141 | char *buf = NULL; | 141 | char *buf = NULL; |
142 | const char *header = NULL; | 142 | const char *header = NULL; |
143 | char *realpath = NULL; | ||
144 | const char *symlink = NULL; | ||
143 | int pos; | 145 | int pos; |
144 | const char *domainname = r->domain->domainname->name; | 146 | const char *domainname = r->domain->domainname->name; |
145 | header = tomoyo_print_header(r); | 147 | header = tomoyo_print_header(r); |
@@ -147,15 +149,34 @@ char *tomoyo_init_log(struct tomoyo_request_info *r, int len, const char *fmt, | |||
147 | return NULL; | 149 | return NULL; |
148 | /* +10 is for '\n' etc. and '\0'. */ | 150 | /* +10 is for '\n' etc. and '\0'. */ |
149 | len += strlen(domainname) + strlen(header) + 10; | 151 | len += strlen(domainname) + strlen(header) + 10; |
152 | if (r->ee) { | ||
153 | struct file *file = r->ee->bprm->file; | ||
154 | realpath = tomoyo_realpath_from_path(&file->f_path); | ||
155 | if (!realpath) | ||
156 | goto out; | ||
157 | /* +80 is for " exec={ realpath=\"%s\" }" */ | ||
158 | len += strlen(realpath) + 80; | ||
159 | } else if (r->obj && r->obj->symlink_target) { | ||
160 | symlink = r->obj->symlink_target->name; | ||
161 | /* +18 is for " symlink.target=\"%s\"" */ | ||
162 | len += 18 + strlen(symlink); | ||
163 | } | ||
150 | len = tomoyo_round2(len); | 164 | len = tomoyo_round2(len); |
151 | buf = kzalloc(len, GFP_NOFS); | 165 | buf = kzalloc(len, GFP_NOFS); |
152 | if (!buf) | 166 | if (!buf) |
153 | goto out; | 167 | goto out; |
154 | len--; | 168 | len--; |
155 | pos = snprintf(buf, len, "%s", header); | 169 | pos = snprintf(buf, len, "%s", header); |
170 | if (realpath) { | ||
171 | pos += snprintf(buf + pos, len - pos, | ||
172 | " exec={ realpath=\"%s\" }", realpath); | ||
173 | } else if (symlink) | ||
174 | pos += snprintf(buf + pos, len - pos, " symlink.target=\"%s\"", | ||
175 | symlink); | ||
156 | pos += snprintf(buf + pos, len - pos, "\n%s\n", domainname); | 176 | pos += snprintf(buf + pos, len - pos, "\n%s\n", domainname); |
157 | vsnprintf(buf + pos, len - pos, fmt, args); | 177 | vsnprintf(buf + pos, len - pos, fmt, args); |
158 | out: | 178 | out: |
179 | kfree(realpath); | ||
159 | kfree(header); | 180 | kfree(header); |
160 | return buf; | 181 | return buf; |
161 | } | 182 | } |