aboutsummaryrefslogtreecommitdiffstats
path: root/security/selinux
diff options
context:
space:
mode:
Diffstat (limited to 'security/selinux')
-rw-r--r--security/selinux/avc.c2
-rw-r--r--security/selinux/hooks.c17
-rw-r--r--security/selinux/selinuxfs.c15
-rw-r--r--security/selinux/ss/avtab.c27
-rw-r--r--security/selinux/ss/conditional.c14
-rw-r--r--security/selinux/ss/policydb.c17
-rw-r--r--security/selinux/ss/services.c63
7 files changed, 78 insertions, 77 deletions
diff --git a/security/selinux/avc.c b/security/selinux/avc.c
index a4fc6e6d038a..a628e116b7fe 100644
--- a/security/selinux/avc.c
+++ b/security/selinux/avc.c
@@ -426,7 +426,7 @@ static int avc_latest_notif_update(int seqno, int is_insert)
426 spin_lock_irqsave(&notif_lock, flag); 426 spin_lock_irqsave(&notif_lock, flag);
427 if (is_insert) { 427 if (is_insert) {
428 if (seqno < avc_cache.latest_notif) { 428 if (seqno < avc_cache.latest_notif) {
429 printk(KERN_WARNING "avc: seqno %d < latest_notif %d\n", 429 printk(KERN_WARNING "SELinux: avc: seqno %d < latest_notif %d\n",
430 seqno, avc_cache.latest_notif); 430 seqno, avc_cache.latest_notif);
431 ret = -EAGAIN; 431 ret = -EAGAIN;
432 } 432 }
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index f9927f02bc3d..c507f67e2ba7 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -575,8 +575,8 @@ static int selinux_set_mnt_opts(struct super_block *sb,
575 goto out; 575 goto out;
576 } 576 }
577 rc = -EINVAL; 577 rc = -EINVAL;
578 printk(KERN_WARNING "Unable to set superblock options before " 578 printk(KERN_WARNING "SELinux: Unable to set superblock options "
579 "the security server is initialized\n"); 579 "before the security server is initialized\n");
580 goto out; 580 goto out;
581 } 581 }
582 582
@@ -1135,7 +1135,7 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent
1135 dentry = d_find_alias(inode); 1135 dentry = d_find_alias(inode);
1136 } 1136 }
1137 if (!dentry) { 1137 if (!dentry) {
1138 printk(KERN_WARNING "%s: no dentry for dev=%s " 1138 printk(KERN_WARNING "SELinux: %s: no dentry for dev=%s "
1139 "ino=%ld\n", __func__, inode->i_sb->s_id, 1139 "ino=%ld\n", __func__, inode->i_sb->s_id,
1140 inode->i_ino); 1140 inode->i_ino);
1141 goto out_unlock; 1141 goto out_unlock;
@@ -1173,7 +1173,7 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent
1173 dput(dentry); 1173 dput(dentry);
1174 if (rc < 0) { 1174 if (rc < 0) {
1175 if (rc != -ENODATA) { 1175 if (rc != -ENODATA) {
1176 printk(KERN_WARNING "%s: getxattr returned " 1176 printk(KERN_WARNING "SELinux: %s: getxattr returned "
1177 "%d for dev=%s ino=%ld\n", __func__, 1177 "%d for dev=%s ino=%ld\n", __func__,
1178 -rc, inode->i_sb->s_id, inode->i_ino); 1178 -rc, inode->i_sb->s_id, inode->i_ino);
1179 kfree(context); 1179 kfree(context);
@@ -1187,7 +1187,7 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent
1187 sbsec->def_sid, 1187 sbsec->def_sid,
1188 GFP_NOFS); 1188 GFP_NOFS);
1189 if (rc) { 1189 if (rc) {
1190 printk(KERN_WARNING "%s: context_to_sid(%s) " 1190 printk(KERN_WARNING "SELinux: %s: context_to_sid(%s) "
1191 "returned %d for dev=%s ino=%ld\n", 1191 "returned %d for dev=%s ino=%ld\n",
1192 __func__, context, -rc, 1192 __func__, context, -rc,
1193 inode->i_sb->s_id, inode->i_ino); 1193 inode->i_sb->s_id, inode->i_ino);
@@ -1510,7 +1510,8 @@ static int may_link(struct inode *dir,
1510 av = DIR__RMDIR; 1510 av = DIR__RMDIR;
1511 break; 1511 break;
1512 default: 1512 default:
1513 printk(KERN_WARNING "may_link: unrecognized kind %d\n", kind); 1513 printk(KERN_WARNING "SELinux: %s: unrecognized kind %d\n",
1514 __func__, kind);
1514 return 0; 1515 return 0;
1515 } 1516 }
1516 1517
@@ -1640,8 +1641,8 @@ static inline u32 open_file_mask_to_av(int mode, int mask)
1640 else if (S_ISDIR(mode)) 1641 else if (S_ISDIR(mode))
1641 av |= DIR__OPEN; 1642 av |= DIR__OPEN;
1642 else 1643 else
1643 printk(KERN_ERR "SELinux: WARNING: inside open_file_to_av " 1644 printk(KERN_ERR "SELinux: WARNING: inside %s with "
1644 "with unknown mode:%x\n", mode); 1645 "unknown mode:%x\n", __func__, mode);
1645 } 1646 }
1646 return av; 1647 return av;
1647} 1648}
diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c
index 26fabad09769..6c05e30e8b49 100644
--- a/security/selinux/selinuxfs.c
+++ b/security/selinux/selinuxfs.c
@@ -391,8 +391,8 @@ static ssize_t sel_write_context(struct file * file, char *buf, size_t size)
391 return length; 391 return length;
392 392
393 if (len > SIMPLE_TRANSACTION_LIMIT) { 393 if (len > SIMPLE_TRANSACTION_LIMIT) {
394 printk(KERN_ERR "%s: context size (%u) exceeds payload " 394 printk(KERN_ERR "SELinux: %s: context size (%u) exceeds "
395 "max\n", __func__, len); 395 "payload max\n", __func__, len);
396 length = -ERANGE; 396 length = -ERANGE;
397 goto out; 397 goto out;
398 } 398 }
@@ -644,8 +644,8 @@ static ssize_t sel_write_create(struct file * file, char *buf, size_t size)
644 goto out2; 644 goto out2;
645 645
646 if (len > SIMPLE_TRANSACTION_LIMIT) { 646 if (len > SIMPLE_TRANSACTION_LIMIT) {
647 printk(KERN_ERR "%s: context size (%u) exceeds payload " 647 printk(KERN_ERR "SELinux: %s: context size (%u) exceeds "
648 "max\n", __func__, len); 648 "payload max\n", __func__, len);
649 length = -ERANGE; 649 length = -ERANGE;
650 goto out3; 650 goto out3;
651 } 651 }
@@ -821,8 +821,8 @@ static ssize_t sel_write_member(struct file * file, char *buf, size_t size)
821 goto out2; 821 goto out2;
822 822
823 if (len > SIMPLE_TRANSACTION_LIMIT) { 823 if (len > SIMPLE_TRANSACTION_LIMIT) {
824 printk(KERN_ERR "%s: context size (%u) exceeds payload " 824 printk(KERN_ERR "SELinux: %s: context size (%u) exceeds "
825 "max\n", __func__, len); 825 "payload max\n", __func__, len);
826 length = -ERANGE; 826 length = -ERANGE;
827 goto out3; 827 goto out3;
828 } 828 }
@@ -1761,7 +1761,8 @@ static int sel_fill_super(struct super_block * sb, void * data, int silent)
1761out: 1761out:
1762 return ret; 1762 return ret;
1763err: 1763err:
1764 printk(KERN_ERR "%s: failed while creating inodes\n", __func__); 1764 printk(KERN_ERR "SELinux: %s: failed while creating inodes\n",
1765 __func__);
1765 goto out; 1766 goto out;
1766} 1767}
1767 1768
diff --git a/security/selinux/ss/avtab.c b/security/selinux/ss/avtab.c
index a6175306d5b6..9e6626362bfd 100644
--- a/security/selinux/ss/avtab.c
+++ b/security/selinux/ss/avtab.c
@@ -310,8 +310,8 @@ void avtab_hash_eval(struct avtab *h, char *tag)
310 } 310 }
311 } 311 }
312 312
313 printk(KERN_DEBUG "%s: %d entries and %d/%d buckets used, longest " 313 printk(KERN_DEBUG "SELinux: %s: %d entries and %d/%d buckets used, "
314 "chain length %d sum of chain length^2 %Lu\n", 314 "longest chain length %d sum of chain length^2 %Lu\n",
315 tag, h->nel, slots_used, h->nslot, max_chain_len, 315 tag, h->nel, slots_used, h->nslot, max_chain_len,
316 chain2_len_sum); 316 chain2_len_sum);
317} 317}
@@ -364,19 +364,19 @@ int avtab_read_item(struct avtab *a, void *fp, struct policydb *pol,
364 val = le32_to_cpu(buf32[items++]); 364 val = le32_to_cpu(buf32[items++]);
365 key.source_type = (u16)val; 365 key.source_type = (u16)val;
366 if (key.source_type != val) { 366 if (key.source_type != val) {
367 printk("SELinux: avtab: truncated source type\n"); 367 printk(KERN_ERR "SELinux: avtab: truncated source type\n");
368 return -1; 368 return -1;
369 } 369 }
370 val = le32_to_cpu(buf32[items++]); 370 val = le32_to_cpu(buf32[items++]);
371 key.target_type = (u16)val; 371 key.target_type = (u16)val;
372 if (key.target_type != val) { 372 if (key.target_type != val) {
373 printk("SELinux: avtab: truncated target type\n"); 373 printk(KERN_ERR "SELinux: avtab: truncated target type\n");
374 return -1; 374 return -1;
375 } 375 }
376 val = le32_to_cpu(buf32[items++]); 376 val = le32_to_cpu(buf32[items++]);
377 key.target_class = (u16)val; 377 key.target_class = (u16)val;
378 if (key.target_class != val) { 378 if (key.target_class != val) {
379 printk("SELinux: avtab: truncated target class\n"); 379 printk(KERN_ERR "SELinux: avtab: truncated target class\n");
380 return -1; 380 return -1;
381 } 381 }
382 382
@@ -384,12 +384,12 @@ int avtab_read_item(struct avtab *a, void *fp, struct policydb *pol,
384 enabled = (val & AVTAB_ENABLED_OLD) ? AVTAB_ENABLED : 0; 384 enabled = (val & AVTAB_ENABLED_OLD) ? AVTAB_ENABLED : 0;
385 385
386 if (!(val & (AVTAB_AV | AVTAB_TYPE))) { 386 if (!(val & (AVTAB_AV | AVTAB_TYPE))) {
387 printk("SELinux: avtab: null entry\n"); 387 printk(KERN_ERR "SELinux: avtab: null entry\n");
388 return -1; 388 return -1;
389 } 389 }
390 if ((val & AVTAB_AV) && 390 if ((val & AVTAB_AV) &&
391 (val & AVTAB_TYPE)) { 391 (val & AVTAB_TYPE)) {
392 printk("SELinux: avtab: entry has both access vectors and types\n"); 392 printk(KERN_ERR "SELinux: avtab: entry has both access vectors and types\n");
393 return -1; 393 return -1;
394 } 394 }
395 395
@@ -404,7 +404,7 @@ int avtab_read_item(struct avtab *a, void *fp, struct policydb *pol,
404 } 404 }
405 405
406 if (items != items2) { 406 if (items != items2) {
407 printk("SELinux: avtab: entry only had %d items, expected %d\n", items2, items); 407 printk(KERN_ERR "SELinux: avtab: entry only had %d items, expected %d\n", items2, items);
408 return -1; 408 return -1;
409 } 409 }
410 return 0; 410 return 0;
@@ -412,7 +412,7 @@ int avtab_read_item(struct avtab *a, void *fp, struct policydb *pol,
412 412
413 rc = next_entry(buf16, fp, sizeof(u16)*4); 413 rc = next_entry(buf16, fp, sizeof(u16)*4);
414 if (rc < 0) { 414 if (rc < 0) {
415 printk("SELinux: avtab: truncated entry\n"); 415 printk(KERN_ERR "SELinux: avtab: truncated entry\n");
416 return -1; 416 return -1;
417 } 417 }
418 418
@@ -425,7 +425,7 @@ int avtab_read_item(struct avtab *a, void *fp, struct policydb *pol,
425 if (!policydb_type_isvalid(pol, key.source_type) || 425 if (!policydb_type_isvalid(pol, key.source_type) ||
426 !policydb_type_isvalid(pol, key.target_type) || 426 !policydb_type_isvalid(pol, key.target_type) ||
427 !policydb_class_isvalid(pol, key.target_class)) { 427 !policydb_class_isvalid(pol, key.target_class)) {
428 printk(KERN_WARNING "SELinux: avtab: invalid type or class\n"); 428 printk(KERN_ERR "SELinux: avtab: invalid type or class\n");
429 return -1; 429 return -1;
430 } 430 }
431 431
@@ -435,20 +435,19 @@ int avtab_read_item(struct avtab *a, void *fp, struct policydb *pol,
435 set++; 435 set++;
436 } 436 }
437 if (!set || set > 1) { 437 if (!set || set > 1) {
438 printk(KERN_WARNING 438 printk(KERN_ERR "SELinux: avtab: more than one specifier\n");
439 "SELinux: avtab: more than one specifier\n");
440 return -1; 439 return -1;
441 } 440 }
442 441
443 rc = next_entry(buf32, fp, sizeof(u32)); 442 rc = next_entry(buf32, fp, sizeof(u32));
444 if (rc < 0) { 443 if (rc < 0) {
445 printk("SELinux: avtab: truncated entry\n"); 444 printk(KERN_ERR "SELinux: avtab: truncated entry\n");
446 return -1; 445 return -1;
447 } 446 }
448 datum.data = le32_to_cpu(*buf32); 447 datum.data = le32_to_cpu(*buf32);
449 if ((key.specified & AVTAB_TYPE) && 448 if ((key.specified & AVTAB_TYPE) &&
450 !policydb_type_isvalid(pol, datum.data)) { 449 !policydb_type_isvalid(pol, datum.data)) {
451 printk(KERN_WARNING "SELinux: avtab: invalid type\n"); 450 printk(KERN_ERR "SELinux: avtab: invalid type\n");
452 return -1; 451 return -1;
453 } 452 }
454 return insertf(a, &key, &datum, p); 453 return insertf(a, &key, &datum, p);
diff --git a/security/selinux/ss/conditional.c b/security/selinux/ss/conditional.c
index 5691af498c40..3a464c75d047 100644
--- a/security/selinux/ss/conditional.c
+++ b/security/selinux/ss/conditional.c
@@ -273,7 +273,7 @@ static int cond_insertf(struct avtab *a, struct avtab_key *k, struct avtab_datum
273 */ 273 */
274 if (k->specified & AVTAB_TYPE) { 274 if (k->specified & AVTAB_TYPE) {
275 if (avtab_search(&p->te_avtab, k)) { 275 if (avtab_search(&p->te_avtab, k)) {
276 printk("SELinux: type rule already exists outside of a conditional."); 276 printk(KERN_ERR "SELinux: type rule already exists outside of a conditional.\n");
277 goto err; 277 goto err;
278 } 278 }
279 /* 279 /*
@@ -288,7 +288,7 @@ static int cond_insertf(struct avtab *a, struct avtab_key *k, struct avtab_datum
288 node_ptr = avtab_search_node(&p->te_cond_avtab, k); 288 node_ptr = avtab_search_node(&p->te_cond_avtab, k);
289 if (node_ptr) { 289 if (node_ptr) {
290 if (avtab_search_node_next(node_ptr, k->specified)) { 290 if (avtab_search_node_next(node_ptr, k->specified)) {
291 printk("SELinux: too many conflicting type rules."); 291 printk(KERN_ERR "SELinux: too many conflicting type rules.\n");
292 goto err; 292 goto err;
293 } 293 }
294 found = 0; 294 found = 0;
@@ -299,13 +299,13 @@ static int cond_insertf(struct avtab *a, struct avtab_key *k, struct avtab_datum
299 } 299 }
300 } 300 }
301 if (!found) { 301 if (!found) {
302 printk("SELinux: conflicting type rules.\n"); 302 printk(KERN_ERR "SELinux: conflicting type rules.\n");
303 goto err; 303 goto err;
304 } 304 }
305 } 305 }
306 } else { 306 } else {
307 if (avtab_search(&p->te_cond_avtab, k)) { 307 if (avtab_search(&p->te_cond_avtab, k)) {
308 printk("SELinux: conflicting type rules when adding type rule for true.\n"); 308 printk(KERN_ERR "SELinux: conflicting type rules when adding type rule for true.\n");
309 goto err; 309 goto err;
310 } 310 }
311 } 311 }
@@ -313,7 +313,7 @@ static int cond_insertf(struct avtab *a, struct avtab_key *k, struct avtab_datum
313 313
314 node_ptr = avtab_insert_nonunique(&p->te_cond_avtab, k, d); 314 node_ptr = avtab_insert_nonunique(&p->te_cond_avtab, k, d);
315 if (!node_ptr) { 315 if (!node_ptr) {
316 printk("SELinux: could not insert rule."); 316 printk(KERN_ERR "SELinux: could not insert rule.\n");
317 goto err; 317 goto err;
318 } 318 }
319 319
@@ -372,12 +372,12 @@ static int cond_read_av_list(struct policydb *p, void *fp, struct cond_av_list *
372static int expr_isvalid(struct policydb *p, struct cond_expr *expr) 372static int expr_isvalid(struct policydb *p, struct cond_expr *expr)
373{ 373{
374 if (expr->expr_type <= 0 || expr->expr_type > COND_LAST) { 374 if (expr->expr_type <= 0 || expr->expr_type > COND_LAST) {
375 printk("SELinux: conditional expressions uses unknown operator.\n"); 375 printk(KERN_ERR "SELinux: conditional expressions uses unknown operator.\n");
376 return 0; 376 return 0;
377 } 377 }
378 378
379 if (expr->bool > p->p_bools.nprim) { 379 if (expr->bool > p->p_bools.nprim) {
380 printk("SELinux: conditional expressions uses unknown bool.\n"); 380 printk(KERN_ERR "SELinux: conditional expressions uses unknown bool.\n");
381 return 0; 381 return 0;
382 } 382 }
383 return 1; 383 return 1;
diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c
index 6bdb0ff6a927..891c2d07e8b6 100644
--- a/security/selinux/ss/policydb.c
+++ b/security/selinux/ss/policydb.c
@@ -390,7 +390,7 @@ static void symtab_hash_eval(struct symtab *s)
390 struct hashtab_info info; 390 struct hashtab_info info;
391 391
392 hashtab_stat(h, &info); 392 hashtab_stat(h, &info);
393 printk(KERN_DEBUG "%s: %d entries and %d/%d buckets used, " 393 printk(KERN_DEBUG "SELinux: %s: %d entries and %d/%d buckets used, "
394 "longest chain length %d\n", symtab_name[i], h->nel, 394 "longest chain length %d\n", symtab_name[i], h->nel,
395 info.slots_used, h->size, info.max_chain_len); 395 info.slots_used, h->size, info.max_chain_len);
396 } 396 }
@@ -1215,7 +1215,7 @@ static int role_read(struct policydb *p, struct hashtab *h, void *fp)
1215 1215
1216 if (strcmp(key, OBJECT_R) == 0) { 1216 if (strcmp(key, OBJECT_R) == 0) {
1217 if (role->value != OBJECT_R_VAL) { 1217 if (role->value != OBJECT_R_VAL) {
1218 printk(KERN_ERR "Role %s has wrong value %d\n", 1218 printk(KERN_ERR "SELinux: Role %s has wrong value %d\n",
1219 OBJECT_R, role->value); 1219 OBJECT_R, role->value);
1220 rc = -EINVAL; 1220 rc = -EINVAL;
1221 goto bad; 1221 goto bad;
@@ -1551,22 +1551,23 @@ int policydb_read(struct policydb *p, void *fp)
1551 1551
1552 if ((le32_to_cpu(buf[1]) & POLICYDB_CONFIG_MLS)) { 1552 if ((le32_to_cpu(buf[1]) & POLICYDB_CONFIG_MLS)) {
1553 if (ss_initialized && !selinux_mls_enabled) { 1553 if (ss_initialized && !selinux_mls_enabled) {
1554 printk(KERN_ERR "Cannot switch between non-MLS and MLS " 1554 printk(KERN_ERR "SELinux: Cannot switch between non-MLS"
1555 "policies\n"); 1555 " and MLS policies\n");
1556 goto bad; 1556 goto bad;
1557 } 1557 }
1558 selinux_mls_enabled = 1; 1558 selinux_mls_enabled = 1;
1559 config |= POLICYDB_CONFIG_MLS; 1559 config |= POLICYDB_CONFIG_MLS;
1560 1560
1561 if (p->policyvers < POLICYDB_VERSION_MLS) { 1561 if (p->policyvers < POLICYDB_VERSION_MLS) {
1562 printk(KERN_ERR "security policydb version %d (MLS) " 1562 printk(KERN_ERR "SELinux: security policydb version %d "
1563 "not backwards compatible\n", p->policyvers); 1563 "(MLS) not backwards compatible\n",
1564 p->policyvers);
1564 goto bad; 1565 goto bad;
1565 } 1566 }
1566 } else { 1567 } else {
1567 if (ss_initialized && selinux_mls_enabled) { 1568 if (ss_initialized && selinux_mls_enabled) {
1568 printk(KERN_ERR "Cannot switch between MLS and non-MLS " 1569 printk(KERN_ERR "SELinux: Cannot switch between MLS and"
1569 "policies\n"); 1570 " non-MLS policies\n");
1570 goto bad; 1571 goto bad;
1571 } 1572 }
1572 } 1573 }
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index fc3dfca475d6..2daaddbb301d 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -415,7 +415,8 @@ static int context_struct_compute_av(struct context *scontext,
415 return 0; 415 return 0;
416 416
417inval_class: 417inval_class:
418 printk(KERN_ERR "%s: unrecognized class %d\n", __func__, tclass); 418 printk(KERN_ERR "SELinux: %s: unrecognized class %d\n", __func__,
419 tclass);
419 return -EINVAL; 420 return -EINVAL;
420} 421}
421 422
@@ -499,8 +500,8 @@ int security_validate_transition(u32 oldsid, u32 newsid, u32 tasksid,
499 tclass = SECCLASS_NETLINK_SOCKET; 500 tclass = SECCLASS_NETLINK_SOCKET;
500 501
501 if (!tclass || tclass > policydb.p_classes.nprim) { 502 if (!tclass || tclass > policydb.p_classes.nprim) {
502 printk(KERN_ERR "security_validate_transition: " 503 printk(KERN_ERR "SELinux: %s: unrecognized class %d\n",
503 "unrecognized class %d\n", tclass); 504 __func__, tclass);
504 rc = -EINVAL; 505 rc = -EINVAL;
505 goto out; 506 goto out;
506 } 507 }
@@ -508,24 +509,24 @@ int security_validate_transition(u32 oldsid, u32 newsid, u32 tasksid,
508 509
509 ocontext = sidtab_search(&sidtab, oldsid); 510 ocontext = sidtab_search(&sidtab, oldsid);
510 if (!ocontext) { 511 if (!ocontext) {
511 printk(KERN_ERR "security_validate_transition: " 512 printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
512 " unrecognized SID %d\n", oldsid); 513 __func__, oldsid);
513 rc = -EINVAL; 514 rc = -EINVAL;
514 goto out; 515 goto out;
515 } 516 }
516 517
517 ncontext = sidtab_search(&sidtab, newsid); 518 ncontext = sidtab_search(&sidtab, newsid);
518 if (!ncontext) { 519 if (!ncontext) {
519 printk(KERN_ERR "security_validate_transition: " 520 printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
520 " unrecognized SID %d\n", newsid); 521 __func__, newsid);
521 rc = -EINVAL; 522 rc = -EINVAL;
522 goto out; 523 goto out;
523 } 524 }
524 525
525 tcontext = sidtab_search(&sidtab, tasksid); 526 tcontext = sidtab_search(&sidtab, tasksid);
526 if (!tcontext) { 527 if (!tcontext) {
527 printk(KERN_ERR "security_validate_transition: " 528 printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
528 " unrecognized SID %d\n", tasksid); 529 __func__, tasksid);
529 rc = -EINVAL; 530 rc = -EINVAL;
530 goto out; 531 goto out;
531 } 532 }
@@ -581,15 +582,15 @@ int security_compute_av(u32 ssid,
581 582
582 scontext = sidtab_search(&sidtab, ssid); 583 scontext = sidtab_search(&sidtab, ssid);
583 if (!scontext) { 584 if (!scontext) {
584 printk(KERN_ERR "security_compute_av: unrecognized SID %d\n", 585 printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
585 ssid); 586 __func__, ssid);
586 rc = -EINVAL; 587 rc = -EINVAL;
587 goto out; 588 goto out;
588 } 589 }
589 tcontext = sidtab_search(&sidtab, tsid); 590 tcontext = sidtab_search(&sidtab, tsid);
590 if (!tcontext) { 591 if (!tcontext) {
591 printk(KERN_ERR "security_compute_av: unrecognized SID %d\n", 592 printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
592 tsid); 593 __func__, tsid);
593 rc = -EINVAL; 594 rc = -EINVAL;
594 goto out; 595 goto out;
595 } 596 }
@@ -686,16 +687,16 @@ int security_sid_to_context(u32 sid, char **scontext, u32 *scontext_len)
686 *scontext = scontextp; 687 *scontext = scontextp;
687 goto out; 688 goto out;
688 } 689 }
689 printk(KERN_ERR "security_sid_to_context: called before initial " 690 printk(KERN_ERR "SELinux: %s: called before initial "
690 "load_policy on unknown SID %d\n", sid); 691 "load_policy on unknown SID %d\n", __func__, sid);
691 rc = -EINVAL; 692 rc = -EINVAL;
692 goto out; 693 goto out;
693 } 694 }
694 POLICY_RDLOCK; 695 POLICY_RDLOCK;
695 context = sidtab_search(&sidtab, sid); 696 context = sidtab_search(&sidtab, sid);
696 if (!context) { 697 if (!context) {
697 printk(KERN_ERR "security_sid_to_context: unrecognized SID " 698 printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
698 "%d\n", sid); 699 __func__, sid);
699 rc = -EINVAL; 700 rc = -EINVAL;
700 goto out_unlock; 701 goto out_unlock;
701 } 702 }
@@ -925,15 +926,15 @@ static int security_compute_sid(u32 ssid,
925 926
926 scontext = sidtab_search(&sidtab, ssid); 927 scontext = sidtab_search(&sidtab, ssid);
927 if (!scontext) { 928 if (!scontext) {
928 printk(KERN_ERR "security_compute_sid: unrecognized SID %d\n", 929 printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
929 ssid); 930 __func__, ssid);
930 rc = -EINVAL; 931 rc = -EINVAL;
931 goto out_unlock; 932 goto out_unlock;
932 } 933 }
933 tcontext = sidtab_search(&sidtab, tsid); 934 tcontext = sidtab_search(&sidtab, tsid);
934 if (!tcontext) { 935 if (!tcontext) {
935 printk(KERN_ERR "security_compute_sid: unrecognized SID %d\n", 936 printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
936 tsid); 937 __func__, tsid);
937 rc = -EINVAL; 938 rc = -EINVAL;
938 goto out_unlock; 939 goto out_unlock;
939 } 940 }
@@ -2031,16 +2032,16 @@ int security_sid_mls_copy(u32 sid, u32 mls_sid, u32 *new_sid)
2031 POLICY_RDLOCK; 2032 POLICY_RDLOCK;
2032 context1 = sidtab_search(&sidtab, sid); 2033 context1 = sidtab_search(&sidtab, sid);
2033 if (!context1) { 2034 if (!context1) {
2034 printk(KERN_ERR "security_sid_mls_copy: unrecognized SID " 2035 printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
2035 "%d\n", sid); 2036 __func__, sid);
2036 rc = -EINVAL; 2037 rc = -EINVAL;
2037 goto out_unlock; 2038 goto out_unlock;
2038 } 2039 }
2039 2040
2040 context2 = sidtab_search(&sidtab, mls_sid); 2041 context2 = sidtab_search(&sidtab, mls_sid);
2041 if (!context2) { 2042 if (!context2) {
2042 printk(KERN_ERR "security_sid_mls_copy: unrecognized SID " 2043 printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
2043 "%d\n", mls_sid); 2044 __func__, mls_sid);
2044 rc = -EINVAL; 2045 rc = -EINVAL;
2045 goto out_unlock; 2046 goto out_unlock;
2046 } 2047 }
@@ -2131,17 +2132,15 @@ int security_net_peersid_resolve(u32 nlbl_sid, u32 nlbl_type,
2131 2132
2132 nlbl_ctx = sidtab_search(&sidtab, nlbl_sid); 2133 nlbl_ctx = sidtab_search(&sidtab, nlbl_sid);
2133 if (!nlbl_ctx) { 2134 if (!nlbl_ctx) {
2134 printk(KERN_ERR 2135 printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
2135 "security_sid_mls_cmp: unrecognized SID %d\n", 2136 __func__, nlbl_sid);
2136 nlbl_sid);
2137 rc = -EINVAL; 2137 rc = -EINVAL;
2138 goto out_slowpath; 2138 goto out_slowpath;
2139 } 2139 }
2140 xfrm_ctx = sidtab_search(&sidtab, xfrm_sid); 2140 xfrm_ctx = sidtab_search(&sidtab, xfrm_sid);
2141 if (!xfrm_ctx) { 2141 if (!xfrm_ctx) {
2142 printk(KERN_ERR 2142 printk(KERN_ERR "SELinux: %s: unrecognized SID %d\n",
2143 "security_sid_mls_cmp: unrecognized SID %d\n", 2143 __func__, xfrm_sid);
2144 xfrm_sid);
2145 rc = -EINVAL; 2144 rc = -EINVAL;
2146 goto out_slowpath; 2145 goto out_slowpath;
2147 } 2146 }
@@ -2221,7 +2220,7 @@ int security_get_permissions(char *class, char ***perms, int *nperms)
2221 2220
2222 match = hashtab_search(policydb.p_classes.table, class); 2221 match = hashtab_search(policydb.p_classes.table, class);
2223 if (!match) { 2222 if (!match) {
2224 printk(KERN_ERR "%s: unrecognized class %s\n", 2223 printk(KERN_ERR "SELinux: %s: unrecognized class %s\n",
2225 __func__, class); 2224 __func__, class);
2226 rc = -EINVAL; 2225 rc = -EINVAL;
2227 goto out; 2226 goto out;