aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDavid Woodhouse <dwmw2@shinybook.infradead.org>2005-05-19 11:18:24 +0100
committerDavid Woodhouse <dwmw2@shinybook.infradead.org>2005-05-19 11:18:24 +0100
commitcd77b8212d5473b800ac865364981d334ff564ea (patch)
tree334f44b05fc02039d67de5f9bfc26765e754b727
parentb7d1125817c9a46cc46f57db89d9c195e7af22f8 (diff)
Restore logging of pid= and comm= in AVC audit messages
We turned this all off because the 'exe=' was causing deadlocks on dcache_lock. There's no need to leave the pid and comm out though. They'll all be logged correctly if full auditing is enabled, but we should still print them in case auditing _isn't_ enabled. Signed-off-by: David Woodhouse <dwmw2@infradead.org>
-rw-r--r--security/selinux/avc.c7
1 files changed, 7 insertions, 0 deletions
diff --git a/security/selinux/avc.c b/security/selinux/avc.c
index 042f91e9f9d..62b963aca27 100644
--- a/security/selinux/avc.c
+++ b/security/selinux/avc.c
@@ -532,6 +532,7 @@ void avc_audit(u32 ssid, u32 tsid,
u16 tclass, u32 requested,
struct av_decision *avd, int result, struct avc_audit_data *a)
{
+ struct task_struct *tsk = current;
struct inode *inode = NULL;
u32 denied, audited;
struct audit_buffer *ab;
@@ -555,6 +556,12 @@ void avc_audit(u32 ssid, u32 tsid,
audit_log_format(ab, "avc: %s ", denied ? "denied" : "granted");
avc_dump_av(ab, tclass,audited);
audit_log_format(ab, " for ");
+ if (a && a->tsk)
+ tsk = a->tsk;
+ if (a->tsk && a->tsk->pid) {
+ audit_log_format(ab, " pid=%d comm=", tsk->pid);
+ audit_log_untrustedstring(ab, tsk->comm);
+ }
if (a) {
switch (a->type) {
case AVC_AUDIT_DATA_IPC: