diff options
Diffstat (limited to 'net/netlabel/netlabel_cipso_v4.c')
| -rw-r--r-- | net/netlabel/netlabel_cipso_v4.c | 48 |
1 files changed, 29 insertions, 19 deletions
diff --git a/net/netlabel/netlabel_cipso_v4.c b/net/netlabel/netlabel_cipso_v4.c index 09986ca962a6..a6ce1d6d5c59 100644 --- a/net/netlabel/netlabel_cipso_v4.c +++ b/net/netlabel/netlabel_cipso_v4.c | |||
| @@ -384,11 +384,15 @@ static int netlbl_cipsov4_add(struct sk_buff *skb, struct genl_info *info) | |||
| 384 | u32 doi; | 384 | u32 doi; |
| 385 | const char *type_str = "(unknown)"; | 385 | const char *type_str = "(unknown)"; |
| 386 | struct audit_buffer *audit_buf; | 386 | struct audit_buffer *audit_buf; |
| 387 | struct netlbl_audit audit_info; | ||
| 387 | 388 | ||
| 388 | if (!info->attrs[NLBL_CIPSOV4_A_DOI] || | 389 | if (!info->attrs[NLBL_CIPSOV4_A_DOI] || |
| 389 | !info->attrs[NLBL_CIPSOV4_A_MTYPE]) | 390 | !info->attrs[NLBL_CIPSOV4_A_MTYPE]) |
| 390 | return -EINVAL; | 391 | return -EINVAL; |
| 391 | 392 | ||
| 393 | doi = nla_get_u32(info->attrs[NLBL_CIPSOV4_A_DOI]); | ||
| 394 | netlbl_netlink_auditinfo(skb, &audit_info); | ||
| 395 | |||
| 392 | type = nla_get_u32(info->attrs[NLBL_CIPSOV4_A_MTYPE]); | 396 | type = nla_get_u32(info->attrs[NLBL_CIPSOV4_A_MTYPE]); |
| 393 | switch (type) { | 397 | switch (type) { |
| 394 | case CIPSO_V4_MAP_STD: | 398 | case CIPSO_V4_MAP_STD: |
| @@ -401,13 +405,14 @@ static int netlbl_cipsov4_add(struct sk_buff *skb, struct genl_info *info) | |||
| 401 | break; | 405 | break; |
| 402 | } | 406 | } |
| 403 | 407 | ||
| 404 | if (ret_val == 0) { | 408 | audit_buf = netlbl_audit_start_common(AUDIT_MAC_CIPSOV4_ADD, |
| 405 | doi = nla_get_u32(info->attrs[NLBL_CIPSOV4_A_DOI]); | 409 | &audit_info); |
| 406 | audit_buf = netlbl_audit_start_common(AUDIT_MAC_CIPSOV4_ADD, | 410 | audit_log_format(audit_buf, |
| 407 | NETLINK_CB(skb).sid); | 411 | " cipso_doi=%u cipso_type=%s res=%u", |
| 408 | audit_log_format(audit_buf, " doi=%u type=%s", doi, type_str); | 412 | doi, |
| 409 | audit_log_end(audit_buf); | 413 | type_str, |
| 410 | } | 414 | ret_val == 0 ? 1 : 0); |
| 415 | audit_log_end(audit_buf); | ||
| 411 | 416 | ||
| 412 | return ret_val; | 417 | return ret_val; |
| 413 | } | 418 | } |
| @@ -668,20 +673,25 @@ static int netlbl_cipsov4_remove(struct sk_buff *skb, struct genl_info *info) | |||
| 668 | int ret_val = -EINVAL; | 673 | int ret_val = -EINVAL; |
| 669 | u32 doi = 0; | 674 | u32 doi = 0; |
| 670 | struct audit_buffer *audit_buf; | 675 | struct audit_buffer *audit_buf; |
| 676 | struct netlbl_audit audit_info; | ||
| 671 | 677 | ||
| 672 | if (info->attrs[NLBL_CIPSOV4_A_DOI]) { | 678 | if (!info->attrs[NLBL_CIPSOV4_A_DOI]) |
| 673 | doi = nla_get_u32(info->attrs[NLBL_CIPSOV4_A_DOI]); | 679 | return -EINVAL; |
| 674 | ret_val = cipso_v4_doi_remove(doi, | ||
| 675 | NETLINK_CB(skb).sid, | ||
| 676 | netlbl_cipsov4_doi_free); | ||
| 677 | } | ||
| 678 | 680 | ||
| 679 | if (ret_val == 0) { | 681 | doi = nla_get_u32(info->attrs[NLBL_CIPSOV4_A_DOI]); |
| 680 | audit_buf = netlbl_audit_start_common(AUDIT_MAC_CIPSOV4_DEL, | 682 | netlbl_netlink_auditinfo(skb, &audit_info); |
| 681 | NETLINK_CB(skb).sid); | 683 | |
| 682 | audit_log_format(audit_buf, " doi=%u", doi); | 684 | ret_val = cipso_v4_doi_remove(doi, |
| 683 | audit_log_end(audit_buf); | 685 | &audit_info, |
| 684 | } | 686 | netlbl_cipsov4_doi_free); |
| 687 | |||
| 688 | audit_buf = netlbl_audit_start_common(AUDIT_MAC_CIPSOV4_DEL, | ||
| 689 | &audit_info); | ||
| 690 | audit_log_format(audit_buf, | ||
| 691 | " cipso_doi=%u res=%u", | ||
| 692 | doi, | ||
| 693 | ret_val == 0 ? 1 : 0); | ||
| 694 | audit_log_end(audit_buf); | ||
| 685 | 695 | ||
| 686 | return ret_val; | 696 | return ret_val; |
| 687 | } | 697 | } |