ChangeSet 1.2231.1.18, 2005/03/28 19:21:10-08:00, [EMAIL PROTECTED] [PATCH] SELinux: audit unrecognized netlink messages This patch changes SELinux to audit any unrecognized netlink messages in controlled classes rather than silently rejecting them, and to allow them if in permissive mode. Please apply. Signed-off-by: Stephen Smalley <[EMAIL PROTECTED]> Signed-off-by: James Morris <[EMAIL PROTECTED]> Signed-off-by: Andrew Morton <[EMAIL PROTECTED]> Signed-off-by: Linus Torvalds <[EMAIL PROTECTED]>
hooks.c | 10 ++++++++++ 1 files changed, 10 insertions(+) diff -Nru a/security/selinux/hooks.c b/security/selinux/hooks.c --- a/security/selinux/hooks.c 2005-03-28 21:10:23 -08:00 +++ b/security/selinux/hooks.c 2005-03-28 21:10:23 -08:00 @@ -67,6 +67,7 @@ #include <linux/hugetlb.h> #include <linux/personality.h> #include <linux/sysctl.h> +#include <linux/audit.h> #include "avc.h" #include "objsec.h" @@ -3385,6 +3386,15 @@ err = selinux_nlmsg_lookup(isec->sclass, nlh->nlmsg_type, &perm); if (err) { + if (err == -EINVAL) { + audit_log(current->audit_context, + "SELinux: unrecognized netlink message" + " type=%hu for sclass=%hu\n", + nlh->nlmsg_type, isec->sclass); + if (!selinux_enforcing) + err = 0; + } + /* Ignore */ if (err == -ENOENT) err = 0; - To unsubscribe from this list: send the line "unsubscribe bk-commits-head" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html