selinux: Print 'sclass' as string when unrecognized netlink message occurs

This prints the 'sclass' field as string instead of index in unrecognized netlink message. The textual representation makes it easier to distinguish the right class. Signed-off-by: Marek Milkovic <mmilkovi@redhat.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> [PM: 80-char width fixes] Signed-off-by: Paul Moore <pmoore@redhat.com>
author: Marek Milkovic <mmilkovi@redhat.com> 2015-06-04 16:22:16 -0400
committer: Paul Moore <pmoore@redhat.com> 2015-06-04 16:22:16 -0400
commit: cded3fffbeab777e6ad2ec05d4a3b62c5caca0f3 (patch)
tree: 06a02c4bf6f846d9c9cf0c5ad4fb2f02779687af /security
parent: e6e29a4eae335059d2cc44ac543de7556ff7ac09 (diff)
download: op-kernel-dev-cded3fffbeab777e6ad2ec05d4a3b62c5caca0f3.zip
op-kernel-dev-cded3fffbeab777e6ad2ec05d4a3b62c5caca0f3.tar.gz
1 files changed, 3 insertions, 2 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 06c9dd9..99c4a00 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -4713,8 +4713,9 @@ static int selinux_nlmsg_perm(struct sock *sk, struct sk_buff *skb)
 		if (err == -EINVAL) {
 			printk(KERN_WARNING
 			       "SELinux: unrecognized netlink message:"
-			       " protocol=%hu nlmsg_type=%hu sclass=%hu\n",
-			       sk->sk_protocol, nlh->nlmsg_type, sksec->sclass);
+			       " protocol=%hu nlmsg_type=%hu sclass=%s\n",
+			       sk->sk_protocol, nlh->nlmsg_type,
+			       secclass_map[sksec->sclass - 1].name);
 			if (!selinux_enforcing || security_get_allow_unknown())
 				err = 0;
 		}
author	Marek Milkovic <mmilkovi@redhat.com>	2015-06-04 16:22:16 -0400
committer	Paul Moore <pmoore@redhat.com>	2015-06-04 16:22:16 -0400
commit	cded3fffbeab777e6ad2ec05d4a3b62c5caca0f3 (patch)
tree	06a02c4bf6f846d9c9cf0c5ad4fb2f02779687af /security
parent	e6e29a4eae335059d2cc44ac543de7556ff7ac09 (diff)
download	op-kernel-dev-cded3fffbeab777e6ad2ec05d4a3b62c5caca0f3.zip op-kernel-dev-cded3fffbeab777e6ad2ec05d4a3b62c5caca0f3.tar.gz