X-Git-Url: http://git.rot13.org/?a=blobdiff_plain;f=security%2Fselinux%2Favc.c;h=a300702da5276a41a5c86a68e389f5ebcacdc058;hb=376bd9cb357ec945ac893feaeb63af7370a6e70b;hp=cf6020f85403e54e23660e7c86c7e0f30e4750f4;hpb=d7f6884ae0ae6e406ec3500fcde16e8f51642460;p=powerpc.git diff --git a/security/selinux/avc.c b/security/selinux/avc.c index cf6020f854..a300702da5 100644 --- a/security/selinux/avc.c +++ b/security/selinux/avc.c @@ -43,13 +43,11 @@ static const struct av_perm_to_string #undef S_ }; -#ifdef CONFIG_AUDIT static const char *class_to_string[] = { #define S_(s) s, #include "class_to_string.h" #undef S_ }; -#endif #define TB_(s) static const char * s [] = { #define TE_(s) }; @@ -242,7 +240,7 @@ void __init avc_init(void) avc_node_cachep = kmem_cache_create("avc_node", sizeof(struct avc_node), 0, SLAB_PANIC, NULL, NULL); - audit_log(current->audit_context, AUDIT_KERNEL, "AVC INITIALIZED\n"); + audit_log(current->audit_context, GFP_KERNEL, AUDIT_KERNEL, "AVC INITIALIZED\n"); } int avc_get_hash_stats(char *page) @@ -494,8 +492,7 @@ static inline void avc_print_ipv6_addr(struct audit_buffer *ab, char *name1, char *name2) { if (!ipv6_addr_any(addr)) - audit_log_format(ab, " %s=%04x:%04x:%04x:%04x:%04x:" - "%04x:%04x:%04x", name1, NIP6(*addr)); + audit_log_format(ab, " %s=" NIP6_FMT, name1, NIP6(*addr)); if (port) audit_log_format(ab, " %s=%d", name2, ntohs(port)); } @@ -504,7 +501,7 @@ static inline void avc_print_ipv4_addr(struct audit_buffer *ab, u32 addr, __be16 port, char *name1, char *name2) { if (addr) - audit_log_format(ab, " %s=%d.%d.%d.%d", name1, NIPQUAD(addr)); + audit_log_format(ab, " %s=" NIPQUAD_FMT, name1, NIPQUAD(addr)); if (port) audit_log_format(ab, " %s=%d", name2, ntohs(port)); } @@ -550,7 +547,7 @@ void avc_audit(u32 ssid, u32 tsid, return; } - ab = audit_log_start(current->audit_context, AUDIT_AVC); + ab = audit_log_start(current->audit_context, GFP_ATOMIC, AUDIT_AVC); if (!ab) return; /* audit_panic has been called */ audit_log_format(ab, "avc: %s ", denied ? "denied" : "granted"); @@ -803,7 +800,7 @@ out: int avc_ss_reset(u32 seqno) { struct avc_callback_node *c; - int i, rc = 0; + int i, rc = 0, tmprc; unsigned long flag; struct avc_node *node; @@ -816,15 +813,16 @@ int avc_ss_reset(u32 seqno) for (c = avc_callbacks; c; c = c->next) { if (c->events & AVC_CALLBACK_RESET) { - rc = c->callback(AVC_CALLBACK_RESET, - 0, 0, 0, 0, NULL); - if (rc) - goto out; + tmprc = c->callback(AVC_CALLBACK_RESET, + 0, 0, 0, 0, NULL); + /* save the first error encountered for the return + value and continue processing the callbacks */ + if (!rc) + rc = tmprc; } } avc_latest_notif_update(seqno, 0); -out: return rc; }