aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
Diffstat (limited to 'security')
-rw-r--r--security/selinux/avc.c22
1 files changed, 9 insertions, 13 deletions
diff --git a/security/selinux/avc.c b/security/selinux/avc.c
index 914d0d294fff..451502467a9b 100644
--- a/security/selinux/avc.c
+++ b/security/selinux/avc.c
@@ -575,16 +575,16 @@ void avc_audit(u32 ssid, u32 tsid,
575 struct dentry *dentry = a->u.fs.dentry; 575 struct dentry *dentry = a->u.fs.dentry;
576 if (a->u.fs.mnt) 576 if (a->u.fs.mnt)
577 audit_avc_path(dentry, a->u.fs.mnt); 577 audit_avc_path(dentry, a->u.fs.mnt);
578 audit_log_format(ab, " name=%s", 578 audit_log_format(ab, " name=");
579 dentry->d_name.name); 579 audit_log_untrustedstring(ab, dentry->d_name.name);
580 inode = dentry->d_inode; 580 inode = dentry->d_inode;
581 } else if (a->u.fs.inode) { 581 } else if (a->u.fs.inode) {
582 struct dentry *dentry; 582 struct dentry *dentry;
583 inode = a->u.fs.inode; 583 inode = a->u.fs.inode;
584 dentry = d_find_alias(inode); 584 dentry = d_find_alias(inode);
585 if (dentry) { 585 if (dentry) {
586 audit_log_format(ab, " name=%s", 586 audit_log_format(ab, " name=");
587 dentry->d_name.name); 587 audit_log_untrustedstring(ab, dentry->d_name.name);
588 dput(dentry); 588 dput(dentry);
589 } 589 }
590 } 590 }
@@ -628,23 +628,19 @@ void avc_audit(u32 ssid, u32 tsid,
628 u = unix_sk(sk); 628 u = unix_sk(sk);
629 if (u->dentry) { 629 if (u->dentry) {
630 audit_avc_path(u->dentry, u->mnt); 630 audit_avc_path(u->dentry, u->mnt);
631 audit_log_format(ab, " name=%s", 631 audit_log_format(ab, " name=");
632 u->dentry->d_name.name); 632 audit_log_untrustedstring(ab, u->dentry->d_name.name);
633
634 break; 633 break;
635 } 634 }
636 if (!u->addr) 635 if (!u->addr)
637 break; 636 break;
638 len = u->addr->len-sizeof(short); 637 len = u->addr->len-sizeof(short);
639 p = &u->addr->name->sun_path[0]; 638 p = &u->addr->name->sun_path[0];
639 audit_log_format(ab, " path=");
640 if (*p) 640 if (*p)
641 audit_log_format(ab, 641 audit_log_untrustedstring(ab, p);
642 "path=%*.*s", len,
643 len, p);
644 else 642 else
645 audit_log_format(ab, 643 audit_log_hex(ab, p, len);
646 "path=@%*.*s", len-1,
647 len-1, p+1);
648 break; 644 break;
649 } 645 }
650 } 646 }