diff options
-rw-r--r-- | include/linux/lsm_audit.h | 4 | ||||
-rw-r--r-- | security/smack/smack.h | 2 | ||||
-rw-r--r-- | security/smack/smack_access.c | 7 |
3 files changed, 7 insertions, 6 deletions
diff --git a/include/linux/lsm_audit.h b/include/linux/lsm_audit.h index e461b2c3d711..68f7bce572b0 100644 --- a/include/linux/lsm_audit.h +++ b/include/linux/lsm_audit.h | |||
@@ -66,11 +66,11 @@ struct common_audit_data { | |||
66 | } key_struct; | 66 | } key_struct; |
67 | #endif | 67 | #endif |
68 | } u; | 68 | } u; |
69 | const char *function; | ||
70 | /* this union contains LSM specific data */ | 69 | /* this union contains LSM specific data */ |
71 | union { | 70 | union { |
72 | /* SMACK data */ | 71 | /* SMACK data */ |
73 | struct smack_audit_data { | 72 | struct smack_audit_data { |
73 | const char *function; | ||
74 | char *subject; | 74 | char *subject; |
75 | char *object; | 75 | char *object; |
76 | char *request; | 76 | char *request; |
@@ -104,7 +104,7 @@ int ipv6_skb_to_auditdata(struct sk_buff *skb, | |||
104 | /* Initialize an LSM audit data structure. */ | 104 | /* Initialize an LSM audit data structure. */ |
105 | #define COMMON_AUDIT_DATA_INIT(_d, _t) \ | 105 | #define COMMON_AUDIT_DATA_INIT(_d, _t) \ |
106 | { memset((_d), 0, sizeof(struct common_audit_data)); \ | 106 | { memset((_d), 0, sizeof(struct common_audit_data)); \ |
107 | (_d)->type = LSM_AUDIT_DATA_##_t; (_d)->function = __func__; } | 107 | (_d)->type = LSM_AUDIT_DATA_##_t; } |
108 | 108 | ||
109 | void common_lsm_audit(struct common_audit_data *a); | 109 | void common_lsm_audit(struct common_audit_data *a); |
110 | 110 | ||
diff --git a/security/smack/smack.h b/security/smack/smack.h index 243bec175be0..ff180ede3e47 100644 --- a/security/smack/smack.h +++ b/security/smack/smack.h | |||
@@ -275,7 +275,7 @@ static inline void smk_ad_init(struct smk_audit_info *a, const char *func, | |||
275 | { | 275 | { |
276 | memset(a, 0, sizeof(*a)); | 276 | memset(a, 0, sizeof(*a)); |
277 | a->a.type = type; | 277 | a->a.type = type; |
278 | a->a.function = func; | 278 | a->a.lsm_priv.smack_audit_data.function = func; |
279 | } | 279 | } |
280 | 280 | ||
281 | static inline void smk_ad_setfield_u_tsk(struct smk_audit_info *a, | 281 | static inline void smk_ad_setfield_u_tsk(struct smk_audit_info *a, |
diff --git a/security/smack/smack_access.c b/security/smack/smack_access.c index 513dc1aa16dd..dd84877dff30 100644 --- a/security/smack/smack_access.c +++ b/security/smack/smack_access.c | |||
@@ -241,7 +241,8 @@ static void smack_log_callback(struct audit_buffer *ab, void *a) | |||
241 | { | 241 | { |
242 | struct common_audit_data *ad = a; | 242 | struct common_audit_data *ad = a; |
243 | struct smack_audit_data *sad = &ad->lsm_priv.smack_audit_data; | 243 | struct smack_audit_data *sad = &ad->lsm_priv.smack_audit_data; |
244 | audit_log_format(ab, "lsm=SMACK fn=%s action=%s", ad->function, | 244 | audit_log_format(ab, "lsm=SMACK fn=%s action=%s", |
245 | ad->lsm_priv.smack_audit_data.function, | ||
245 | sad->result ? "denied" : "granted"); | 246 | sad->result ? "denied" : "granted"); |
246 | audit_log_format(ab, " subject="); | 247 | audit_log_format(ab, " subject="); |
247 | audit_log_untrustedstring(ab, sad->subject); | 248 | audit_log_untrustedstring(ab, sad->subject); |
@@ -274,8 +275,8 @@ void smack_log(char *subject_label, char *object_label, int request, | |||
274 | if (result == 0 && (log_policy & SMACK_AUDIT_ACCEPT) == 0) | 275 | if (result == 0 && (log_policy & SMACK_AUDIT_ACCEPT) == 0) |
275 | return; | 276 | return; |
276 | 277 | ||
277 | if (a->function == NULL) | 278 | if (a->lsm_priv.smack_audit_data.function == NULL) |
278 | a->function = "unknown"; | 279 | a->lsm_priv.smack_audit_data.function = "unknown"; |
279 | 280 | ||
280 | /* end preparing the audit data */ | 281 | /* end preparing the audit data */ |
281 | sad = &a->lsm_priv.smack_audit_data; | 282 | sad = &a->lsm_priv.smack_audit_data; |