[PATCH] selinux: Audit compute_sid errors

From: Stephen Smalley <sds@epoch.ncsc.mil> This patch changes an error message printk'd by security_compute_sid to use the audit framework instead. These errors reflect situations where a security transition would normally occur due to policy, but the resulting security context is not valid. The patch also changes the code to always call the audit framework rather than only doing so when permissive as this was causing problems with testing policy, and does some code cleanup.

[PATCH] selinux: Audit compute_sid errors
From: Stephen Smalley <sds@epoch.ncsc.mil> This patch changes an error message printk'd by security_compute_sid to use the audit framework instead. These errors reflect situations where a security transition would normally occur due to policy, but the resulting security context is not valid. The patch also changes the code to always call the audit framework rather than only doing so when permissive as this was causing problems with testing policy, and does some code cleanup.
df25ad33 · Andrew Morton · Linus Torvalds · 7787c5a4 · df25ad33
Commit df25ad33 authored Apr 11, 2004 by Andrew Morton Committed by Linus Torvalds Apr 11, 2004
Hide whitespace changes
Inline Side-by-side

Showing with 23 additions and 20 deletions

security/selinux/ss/services.c security/selinux/ss/services.c +23 -20

No files found.
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -26,6 +26,7 @@
 #include <linux/errno.h>
 #include <linux/in.h>
 #include <linux/sched.h>
+#include <linux/audit.h>
 #include <asm/semaphore.h>
 #include "flask.h"
 #include "avc.h"
@@ -548,32 +549,34 @@ int security_context_to_sid(char *scontext, u32 scontext_len, u32 *sid)
 	return rc;
 }

-static inline int compute_sid_handle_invalid_context(
+static int compute_sid_handle_invalid_context(
 	struct context *scontext,
 	struct context *tcontext,
 	u16 tclass,
 	struct context *newcontext)
 {
-	int rc = 0;
+	char *s = NULL, *t = NULL, *n = NULL;
+	u32 slen, tlen, nlen;

-	if (selinux_enforcing) {
-		rc = -EACCES;
-	} else {
-		char *s, *t, *n;
-		u32 slen, tlen, nlen;
-
-		context_struct_to_string(scontext, &s, &slen);
-		context_struct_to_string(tcontext, &t, &tlen);
-		context_struct_to_string(newcontext, &n, &nlen);
-		printk(KERN_ERR "security_compute_sid:  invalid context %s", n);
-		printk(" for scontext=%s", s);
-		printk(" tcontext=%s", t);
-		printk(" tclass=%s\n", policydb.p_class_val_to_name[tclass-1]);
-		kfree(s);
-		kfree(t);
-		kfree(n);
-	}
-	return rc;
+	if (context_struct_to_string(scontext, &s, &slen) < 0)
+		goto out;
+	if (context_struct_to_string(tcontext, &t, &tlen) < 0)
+		goto out;
+	if (context_struct_to_string(newcontext, &n, &nlen) < 0)
+		goto out;
+	audit_log(current->audit_context,
+		  "security_compute_sid:  invalid context %s"
+		  " for scontext=%s"
+		  " tcontext=%s"
+		  " tclass=%s",
+		  n, s, t, policydb.p_class_val_to_name[tclass-1]);
+out:
+	kfree(s);
+	kfree(t);
+	kfree(n);
+	if (!selinux_enforcing)
+		return 0;
+	return -EACCES;
 }

 static int security_compute_sid(u32 ssid,