diff options
author | Marek Milkovic <mmilkovi@redhat.com> | 2015-04-02 17:58:14 +0200 |
---|---|---|
committer | Paul Moore <pmoore@redhat.com> | 2015-05-04 14:44:34 -0400 |
commit | 8f944efb5bbfaeceb9c54d331418060eae92b5f5 (patch) | |
tree | 317acd5e5879848060d7f58e76d894979e60e327 /security | |
parent | cf7b6c0205f11cdb015384244c0b423b00e35c69 (diff) |
selinux: Print 'sclass' as string when unrecognized netlink message occurs
This prints the 'sclass' field as string instead of index in unrecognized netlink message.
The textual representation makes it easier to distinguish the right class.
Signed-off-by: Marek Milkovic <mmilkovi@redhat.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
[PM: 80-char width fixes]
Signed-off-by: Paul Moore <pmoore@redhat.com>
Diffstat (limited to 'security')
-rw-r--r-- | security/selinux/hooks.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 4d1a54190388..a0844b8af5d3 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -4780,8 +4780,9 @@ static int selinux_nlmsg_perm(struct sock *sk, struct sk_buff *skb) if (err == -EINVAL) { printk(KERN_WARNING "SELinux: unrecognized netlink message:" - " protocol=%hu nlmsg_type=%hu sclass=%hu\n", - sk->sk_protocol, nlh->nlmsg_type, sksec->sclass); + " protocol=%hu nlmsg_type=%hu sclass=%s\n", + sk->sk_protocol, nlh->nlmsg_type, + secclass_map[sksec->sclass - 1].name); if (!selinux_enforcing || security_get_allow_unknown()) err = 0; } |