OpenE2K
/
linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

selinux: Print 'sclass' as string when unrecognized netlink message occurs 

This prints the 'sclass' field as string instead of index in unrecognized netlink message.
The textual representation makes it easier to distinguish the right class.

Signed-off-by: Marek Milkovic <mmilkovi@redhat.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
[PM: 80-char width fixes]
Signed-off-by: Paul Moore <pmoore@redhat.com>
This commit is contained in:
Marek Milkovic 2015-06-04 16:22:16 -04:00 committed by Paul Moore
parent e6e29a4eae
commit cded3fffbe
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
security/selinux/hooks.c
View File

@ -4713,8 +4713,9 @@ static int selinux_nlmsg_perm(struct sock *sk, struct sk_buff *skb)
if (err == -EINVAL) {
printk(KERN_WARNING
"SELinux: unrecognized netlink message:"
" protocol=%hu nlmsg_type=%hu sclass=%hu\n",
sk->sk_protocol, nlh->nlmsg_type, sksec->sclass);
" protocol=%hu nlmsg_type=%hu sclass=%s\n",
sk->sk_protocol, nlh->nlmsg_type,
secclass_map[sksec->sclass - 1].name);
if (!selinux_enforcing || security_get_allow_unknown())
err = 0;
}