3.16.85-rc1 review patch. If anyone has any objections, please let me know.
------------------
From: Marek Milkovic <mmilkovi@xxxxxxxxxx>
commit cded3fffbeab777e6ad2ec05d4a3b62c5caca0f3 upstream.
This prints the 'sclass' field as string instead of index in unrecognized netlink message.
The textual representation makes it easier to distinguish the right class.
Signed-off-by: Marek Milkovic <mmilkovi@xxxxxxxxxx>
Acked-by: Stephen Smalley <sds@xxxxxxxxxxxxx>
[PM: 80-char width fixes]
Signed-off-by: Paul Moore <pmoore@xxxxxxxxxx>
Signed-off-by: Ben Hutchings <ben@xxxxxxxxxxxxxxx>
---
security/selinux/hooks.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -4685,8 +4685,9 @@ static int selinux_nlmsg_perm(struct soc
if (err == -EINVAL) {
printk(KERN_WARNING
"SELinux: unrecognized netlink message:"
- " protocol=%hu nlmsg_type=%hu sclass=%hu\n",
- sk->sk_protocol, nlh->nlmsg_type, sksec->sclass);
+ " protocol=%hu nlmsg_type=%hu sclass=%s\n",
+ sk->sk_protocol, nlh->nlmsg_type,
+ secclass_map[sksec->sclass - 1].name);
if (!selinux_enforcing || security_get_allow_unknown())
err = 0;
}
