diff options
| author | Linus Torvalds <torvalds@g5.osdl.org> | 2006-03-25 12:24:53 -0500 |
|---|---|---|
| committer | Linus Torvalds <torvalds@g5.osdl.org> | 2006-03-25 12:24:53 -0500 |
| commit | 1b9a3917366028cc451a98dd22e3bcd537d4e5c1 (patch) | |
| tree | d911058720e0a9aeeaf9f407ccdc6fbf4047f47d /security/selinux/ss | |
| parent | 3661f00e2097676847deb01add1a0918044bd816 (diff) | |
| parent | 71e1c784b24a026a490b3de01541fc5ee14ebc09 (diff) | |
Merge branch 'audit.b3' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current
* 'audit.b3' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current: (22 commits)
[PATCH] fix audit_init failure path
[PATCH] EXPORT_SYMBOL patch for audit_log, audit_log_start, audit_log_end and audit_format
[PATCH] sem2mutex: audit_netlink_sem
[PATCH] simplify audit_free() locking
[PATCH] Fix audit operators
[PATCH] promiscuous mode
[PATCH] Add tty to syscall audit records
[PATCH] add/remove rule update
[PATCH] audit string fields interface + consumer
[PATCH] SE Linux audit events
[PATCH] Minor cosmetic cleanups to the code moved into auditfilter.c
[PATCH] Fix audit record filtering with !CONFIG_AUDITSYSCALL
[PATCH] Fix IA64 success/failure indication in syscall auditing.
[PATCH] Miscellaneous bug and warning fixes
[PATCH] Capture selinux subject/object context information.
[PATCH] Exclude messages by message type
[PATCH] Collect more inode information during syscall processing.
[PATCH] Pass dentry, not just name, in fsnotify creation hooks.
[PATCH] Define new range of userspace messages.
[PATCH] Filter rule comparators
...
Fixed trivial conflict in security/selinux/hooks.c
Diffstat (limited to 'security/selinux/ss')
| -rw-r--r-- | security/selinux/ss/services.c | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 63e0b7f29cb5..61492485de84 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c | |||
| @@ -1759,19 +1759,22 @@ int security_set_bools(int len, int *values) | |||
| 1759 | goto out; | 1759 | goto out; |
| 1760 | } | 1760 | } |
| 1761 | 1761 | ||
| 1762 | printk(KERN_INFO "security: committed booleans { "); | ||
| 1763 | for (i = 0; i < len; i++) { | 1762 | for (i = 0; i < len; i++) { |
| 1763 | if (!!values[i] != policydb.bool_val_to_struct[i]->state) { | ||
| 1764 | audit_log(current->audit_context, GFP_ATOMIC, | ||
| 1765 | AUDIT_MAC_CONFIG_CHANGE, | ||
| 1766 | "bool=%s val=%d old_val=%d auid=%u", | ||
| 1767 | policydb.p_bool_val_to_name[i], | ||
| 1768 | !!values[i], | ||
| 1769 | policydb.bool_val_to_struct[i]->state, | ||
| 1770 | audit_get_loginuid(current->audit_context)); | ||
| 1771 | } | ||
| 1764 | if (values[i]) { | 1772 | if (values[i]) { |
| 1765 | policydb.bool_val_to_struct[i]->state = 1; | 1773 | policydb.bool_val_to_struct[i]->state = 1; |
| 1766 | } else { | 1774 | } else { |
| 1767 | policydb.bool_val_to_struct[i]->state = 0; | 1775 | policydb.bool_val_to_struct[i]->state = 0; |
| 1768 | } | 1776 | } |
| 1769 | if (i != 0) | ||
| 1770 | printk(", "); | ||
| 1771 | printk("%s:%d", policydb.p_bool_val_to_name[i], | ||
| 1772 | policydb.bool_val_to_struct[i]->state); | ||
| 1773 | } | 1777 | } |
| 1774 | printk(" }\n"); | ||
| 1775 | 1778 | ||
| 1776 | for (cur = policydb.cond_list; cur != NULL; cur = cur->next) { | 1779 | for (cur = policydb.cond_list; cur != NULL; cur = cur->next) { |
| 1777 | rc = evaluate_cond_node(&policydb, cur); | 1780 | rc = evaluate_cond_node(&policydb, cur); |