From cd77b8212d5473b800ac865364981d334ff564ea Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Thu, 19 May 2005 11:18:24 +0100 Subject: Restore logging of pid= and comm= in AVC audit messages We turned this all off because the 'exe=' was causing deadlocks on dcache_lock. There's no need to leave the pid and comm out though. They'll all be logged correctly if full auditing is enabled, but we should still print them in case auditing _isn't_ enabled. Signed-off-by: David Woodhouse --- security/selinux/avc.c | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'security/selinux/avc.c') diff --git a/security/selinux/avc.c b/security/selinux/avc.c index 042f91e9f9d2..62b963aca275 100644 --- a/security/selinux/avc.c +++ b/security/selinux/avc.c @@ -532,6 +532,7 @@ void avc_audit(u32 ssid, u32 tsid, u16 tclass, u32 requested, struct av_decision *avd, int result, struct avc_audit_data *a) { + struct task_struct *tsk = current; struct inode *inode = NULL; u32 denied, audited; struct audit_buffer *ab; @@ -555,6 +556,12 @@ void avc_audit(u32 ssid, u32 tsid, audit_log_format(ab, "avc: %s ", denied ? "denied" : "granted"); avc_dump_av(ab, tclass,audited); audit_log_format(ab, " for "); + if (a && a->tsk) + tsk = a->tsk; + if (a->tsk && a->tsk->pid) { + audit_log_format(ab, " pid=%d comm=", tsk->pid); + audit_log_untrustedstring(ab, tsk->comm); + } if (a) { switch (a->type) { case AVC_AUDIT_DATA_IPC: -- cgit v1.2.3