[SELINUX] 1/2 Make IPv6 code work with audit framework
From: James Morris
Date: Mon Apr 05 2004 - 08:52:38 EST
This patch against 2.6.5-mm1 makes the IPv6 code work with the audit
framework, following the merge of both into -mm.
Please apply.
diff -urN -X dontdiff linux-2.6.5-mm1.p/security/selinux/avc.c linux-2.6.5-mm1.w/security/selinux/avc.c
--- linux-2.6.5-mm1.p/security/selinux/avc.c 2004-04-05 09:20:26.000000000 -0400
+++ linux-2.6.5-mm1.w/security/selinux/avc.c 2004-04-05 09:36:25.008751944 -0400
@@ -416,14 +416,15 @@
return rc;
}
-static inline void avc_print_ipv6_addr(struct in6_addr *addr, u16 port,
+static inline void avc_print_ipv6_addr(struct audit_buffer *ab,
+ struct in6_addr *addr, u16 port,
char *name1, char *name2)
{
if (!ipv6_addr_any(addr))
- printk(" %s=%04x:%04x:%04x:%04x:%04x:%04x:%04x:%04x",
- name1, NIP6(*addr));
+ audit_log_format(ab, " %s=%04x:%04x:%04x:%04x:%04x:"
+ "%04x:%04x:%04x", name1, NIP6(*addr));
if (port)
- printk(" %s=%d", name2, ntohs(port));
+ audit_log_format(ab, " %s=%d", name2, ntohs(port));
}
static inline void avc_print_ipv4_addr(struct audit_buffer *ab, u32 addr,
@@ -570,10 +571,10 @@
struct inet_opt *inet = inet_sk(sk);
struct ipv6_pinfo *inet6 = inet6_sk(sk);
- avc_print_ipv6_addr(&inet6->rcv_saddr,
+ avc_print_ipv6_addr(ab, &inet6->rcv_saddr,
inet->sport,
"laddr", "lport");
- avc_print_ipv6_addr(&inet6->daddr,
+ avc_print_ipv6_addr(ab, &inet6->daddr,
inet->dport,
"faddr", "fport");
break;
@@ -611,10 +612,10 @@
"daddr", "dest");
break;
case AF_INET6:
- avc_print_ipv6_addr(&a->u.net.v6info.saddr,
+ avc_print_ipv6_addr(ab, &a->u.net.v6info.saddr,
a->u.net.sport,
"saddr", "src");
- avc_print_ipv6_addr(&a->u.net.v6info.daddr,
+ avc_print_ipv6_addr(ab, &a->u.net.v6info.daddr,
a->u.net.dport,
"daddr", "dest");
break;
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/