diff options
Diffstat (limited to 'security/selinux/avc.c')
| -rw-r--r-- | security/selinux/avc.c | 27 |
1 files changed, 15 insertions, 12 deletions
diff --git a/security/selinux/avc.c b/security/selinux/avc.c index b5545a84448a..36c42bb52d81 100644 --- a/security/selinux/avc.c +++ b/security/selinux/avc.c | |||
| @@ -436,9 +436,9 @@ static void avc_audit_pre_callback(struct audit_buffer *ab, void *a) | |||
| 436 | { | 436 | { |
| 437 | struct common_audit_data *ad = a; | 437 | struct common_audit_data *ad = a; |
| 438 | audit_log_format(ab, "avc: %s ", | 438 | audit_log_format(ab, "avc: %s ", |
| 439 | ad->selinux_audit_data->denied ? "denied" : "granted"); | 439 | ad->selinux_audit_data->slad->denied ? "denied" : "granted"); |
| 440 | avc_dump_av(ab, ad->selinux_audit_data->tclass, | 440 | avc_dump_av(ab, ad->selinux_audit_data->slad->tclass, |
| 441 | ad->selinux_audit_data->audited); | 441 | ad->selinux_audit_data->slad->audited); |
| 442 | audit_log_format(ab, " for "); | 442 | audit_log_format(ab, " for "); |
| 443 | } | 443 | } |
| 444 | 444 | ||
| @@ -452,9 +452,9 @@ static void avc_audit_post_callback(struct audit_buffer *ab, void *a) | |||
| 452 | { | 452 | { |
| 453 | struct common_audit_data *ad = a; | 453 | struct common_audit_data *ad = a; |
| 454 | audit_log_format(ab, " "); | 454 | audit_log_format(ab, " "); |
| 455 | avc_dump_query(ab, ad->selinux_audit_data->ssid, | 455 | avc_dump_query(ab, ad->selinux_audit_data->slad->ssid, |
| 456 | ad->selinux_audit_data->tsid, | 456 | ad->selinux_audit_data->slad->tsid, |
| 457 | ad->selinux_audit_data->tclass); | 457 | ad->selinux_audit_data->slad->tclass); |
| 458 | } | 458 | } |
| 459 | 459 | ||
| 460 | /* This is the slow part of avc audit with big stack footprint */ | 460 | /* This is the slow part of avc audit with big stack footprint */ |
| @@ -465,6 +465,7 @@ static noinline int slow_avc_audit(u32 ssid, u32 tsid, u16 tclass, | |||
| 465 | { | 465 | { |
| 466 | struct common_audit_data stack_data; | 466 | struct common_audit_data stack_data; |
| 467 | struct selinux_audit_data sad = {0,}; | 467 | struct selinux_audit_data sad = {0,}; |
| 468 | struct selinux_late_audit_data slad; | ||
| 468 | 469 | ||
| 469 | if (!a) { | 470 | if (!a) { |
| 470 | a = &stack_data; | 471 | a = &stack_data; |
| @@ -483,12 +484,14 @@ static noinline int slow_avc_audit(u32 ssid, u32 tsid, u16 tclass, | |||
| 483 | (flags & MAY_NOT_BLOCK)) | 484 | (flags & MAY_NOT_BLOCK)) |
| 484 | return -ECHILD; | 485 | return -ECHILD; |
| 485 | 486 | ||
| 486 | a->selinux_audit_data->tclass = tclass; | 487 | slad.tclass = tclass; |
| 487 | a->selinux_audit_data->requested = requested; | 488 | slad.requested = requested; |
| 488 | a->selinux_audit_data->ssid = ssid; | 489 | slad.ssid = ssid; |
| 489 | a->selinux_audit_data->tsid = tsid; | 490 | slad.tsid = tsid; |
| 490 | a->selinux_audit_data->audited = audited; | 491 | slad.audited = audited; |
| 491 | a->selinux_audit_data->denied = denied; | 492 | slad.denied = denied; |
| 493 | |||
| 494 | a->selinux_audit_data->slad = &slad; | ||
| 492 | a->lsm_pre_audit = avc_audit_pre_callback; | 495 | a->lsm_pre_audit = avc_audit_pre_callback; |
| 493 | a->lsm_post_audit = avc_audit_post_callback; | 496 | a->lsm_post_audit = avc_audit_post_callback; |
| 494 | common_lsm_audit(a); | 497 | common_lsm_audit(a); |