This patch against 2.6.1-mm1 adds dname to audit output when a path cannot
be generated. This makes analysis of SELinux audit logs easier.
Patch by Stephen Smalley <sds _at_ epoch.ncsc.mil>.
Please apply.
avc.c | 13 +++++++++++--
1 files changed, 11 insertions(+), 2 deletions(-)
diff -urN -X dontdiff linux-2.6.1-rc2.pending/security/selinux/avc.c linux-2.6.1-rc2.w1/security/selinux/avc.c
--- linux-2.6.1-rc2.pending/security/selinux/avc.c 2004-01-07 11:50:22.567223632 -0500
+++ linux-2.6.1-rc2.w1/security/selinux/avc.c 2004-01-07 12:00:02.522057096 -0500
@@ -575,17 +575,26 @@
break;
case AVC_AUDIT_DATA_FS:
if (a->u.fs.dentry) {
+ struct dentry *dentry = a->u.fs.dentry;
if (a->u.fs.mnt) {
- p = d_path(a->u.fs.dentry,
+ p = d_path(dentry,
a->u.fs.mnt,
avc_audit_buffer,
PAGE_SIZE);
if (p)
printk(" path=%s", p);
+ } else {
+ printk(" name=%s", dentry->d_name.name);
}
- inode = a->u.fs.dentry->d_inode;
+ inode = dentry->d_inode;
} else if (a->u.fs.inode) {
+ struct dentry *dentry;
inode = a->u.fs.inode;
+ dentry = d_find_alias(inode);
+ if (dentry) {
+ printk(" name=%s", dentry->d_name.name);
+ dput(dentry);
+ }
}
if (inode)
printk(" dev=%s ino=%ld",
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo _at_ vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/