diff options
Diffstat (limited to 'security')
-rw-r--r-- | security/selinux/avc.c | 22 |
1 files changed, 9 insertions, 13 deletions
diff --git a/security/selinux/avc.c b/security/selinux/avc.c index 914d0d294fff..451502467a9b 100644 --- a/security/selinux/avc.c +++ b/security/selinux/avc.c | |||
@@ -575,16 +575,16 @@ void avc_audit(u32 ssid, u32 tsid, | |||
575 | struct dentry *dentry = a->u.fs.dentry; | 575 | struct dentry *dentry = a->u.fs.dentry; |
576 | if (a->u.fs.mnt) | 576 | if (a->u.fs.mnt) |
577 | audit_avc_path(dentry, a->u.fs.mnt); | 577 | audit_avc_path(dentry, a->u.fs.mnt); |
578 | audit_log_format(ab, " name=%s", | 578 | audit_log_format(ab, " name="); |
579 | dentry->d_name.name); | 579 | audit_log_untrustedstring(ab, dentry->d_name.name); |
580 | inode = dentry->d_inode; | 580 | inode = dentry->d_inode; |
581 | } else if (a->u.fs.inode) { | 581 | } else if (a->u.fs.inode) { |
582 | struct dentry *dentry; | 582 | struct dentry *dentry; |
583 | inode = a->u.fs.inode; | 583 | inode = a->u.fs.inode; |
584 | dentry = d_find_alias(inode); | 584 | dentry = d_find_alias(inode); |
585 | if (dentry) { | 585 | if (dentry) { |
586 | audit_log_format(ab, " name=%s", | 586 | audit_log_format(ab, " name="); |
587 | dentry->d_name.name); | 587 | audit_log_untrustedstring(ab, dentry->d_name.name); |
588 | dput(dentry); | 588 | dput(dentry); |
589 | } | 589 | } |
590 | } | 590 | } |
@@ -628,23 +628,19 @@ void avc_audit(u32 ssid, u32 tsid, | |||
628 | u = unix_sk(sk); | 628 | u = unix_sk(sk); |
629 | if (u->dentry) { | 629 | if (u->dentry) { |
630 | audit_avc_path(u->dentry, u->mnt); | 630 | audit_avc_path(u->dentry, u->mnt); |
631 | audit_log_format(ab, " name=%s", | 631 | audit_log_format(ab, " name="); |
632 | u->dentry->d_name.name); | 632 | audit_log_untrustedstring(ab, u->dentry->d_name.name); |
633 | |||
634 | break; | 633 | break; |
635 | } | 634 | } |
636 | if (!u->addr) | 635 | if (!u->addr) |
637 | break; | 636 | break; |
638 | len = u->addr->len-sizeof(short); | 637 | len = u->addr->len-sizeof(short); |
639 | p = &u->addr->name->sun_path[0]; | 638 | p = &u->addr->name->sun_path[0]; |
639 | audit_log_format(ab, " path="); | ||
640 | if (*p) | 640 | if (*p) |
641 | audit_log_format(ab, | 641 | audit_log_untrustedstring(ab, p); |
642 | "path=%*.*s", len, | ||
643 | len, p); | ||
644 | else | 642 | else |
645 | audit_log_format(ab, | 643 | audit_log_hex(ab, p, len); |
646 | "path=@%*.*s", len-1, | ||
647 | len-1, p+1); | ||
648 | break; | 644 | break; |
649 | } | 645 | } |
650 | } | 646 | } |