Embed a struct path into struct nameidata instead of nd->{dentry,mnt}

[linux-2.6-omap-h63xx.git] / security / selinux / avc.c

diff --git a/security/selinux/avc.c b/security/selinux/avc.c
index ecd06738453190dc4d2a596a7d25493ed98d170b..e8529e2f51e5ba24042ccd88b77e481c9457a5aa 100644 (file)
--- a/security/selinux/avc.c
+++ b/security/selinux/avc.c
@@ -570,10 +570,12 @@ void avc_audit(u32 ssid, u32 tsid,
                case AVC_AUDIT_DATA_FS:
                        if (a->u.fs.dentry) {
                                struct dentry *dentry = a->u.fs.dentry;
-                               if (a->u.fs.mnt)
-                                       audit_avc_path(dentry, a->u.fs.mnt);
-                               audit_log_format(ab, " name=");
-                               audit_log_untrustedstring(ab, dentry->d_name.name);
+                               if (a->u.fs.mnt) {
+                                       audit_log_d_path(ab, "path=", dentry, a->u.fs.mnt);
+                               } else {
+                                       audit_log_format(ab, " name=");
+                                       audit_log_untrustedstring(ab, dentry->d_name.name);
+                               }
                                inode = dentry->d_inode;
                        } else if (a->u.fs.inode) {
                                struct dentry *dentry;
@@ -624,9 +626,8 @@ void avc_audit(u32 ssid, u32 tsid,
                                case AF_UNIX:
                                        u = unix_sk(sk);
                                        if (u->dentry) {
-                                               audit_avc_path(u->dentry, u->mnt);
-                                               audit_log_format(ab, " name=");
-                                               audit_log_untrustedstring(ab, u->dentry->d_name.name);
+                                               audit_log_d_path(ab, "path=",
+                                                                u->dentry, u->mnt);
                                                break;
                                        }
                                        if (!u->addr)
@@ -660,9 +661,18 @@ void avc_audit(u32 ssid, u32 tsid,
                                                    "daddr", "dest");
                                break;
                        }
-                       if (a->u.net.netif)
-                               audit_log_format(ab, " netif=%s",
-                                       a->u.net.netif);
+                       if (a->u.net.netif > 0) {
+                               struct net_device *dev;
+
+                               /* NOTE: we always use init's namespace */
+                               dev = dev_get_by_index(&init_net,
+                                                      a->u.net.netif);
+                               if (dev) {
+                                       audit_log_format(ab, " netif=%s",
+                                                        dev->name);
+                                       dev_put(dev);
+                               }
+                       }
                        break;
                }
        }
@@ -915,3 +925,8 @@ int avc_has_perm(u32 ssid, u32 tsid, u16 tclass,
        avc_audit(ssid, tsid, tclass, requested, &avd, rc, auditdata);
        return rc;
 }
+
+u32 avc_policy_seqno(void)
+{
+       return avc_cache.latest_notif;
+}