---

yaml
---
r: 91716
b: refs/heads/master
c: 744ba35
h: refs/heads/master
v: v3

[refs]

@@ -1,2 +1,2 @@
 ---
-refs/heads/master: 11670889380b144adfa5a91dc184c8f6300c4b28
+refs/heads/master: 744ba35e455b0d5cf4f85208a8ca0edcc9976b95

trunk/security/selinux/avc.c

@@ -426,7 +426,7 @@ static int avc_latest_notif_update(int seqno, int is_insert)
 	spin_lock_irqsave(&notif_lock, flag);
 	if (is_insert) {
 		if (seqno < avc_cache.latest_notif) {
-			printk(KERN_WARNING "avc:  seqno %d < latest_notif %d\n",
+			printk(KERN_WARNING "SELinux: avc:  seqno %d < latest_notif %d\n",
 			       seqno, avc_cache.latest_notif);
 			ret = -EAGAIN;
 		}

trunk/security/selinux/hooks.c

@@ -575,8 +575,8 @@ static int selinux_set_mnt_opts(struct super_block *sb,
 			goto out;
 		}
 		rc = -EINVAL;
-		printk(KERN_WARNING "Unable to set superblock options before "
-		       "the security server is initialized\n");
+		printk(KERN_WARNING "SELinux: Unable to set superblock options "
+			"before the security server is initialized\n");
 		goto out;
 	}
 
@@ -1135,7 +1135,7 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent
 			dentry = d_find_alias(inode);
 		}
 		if (!dentry) {
-			printk(KERN_WARNING "%s:  no dentry for dev=%s "
+			printk(KERN_WARNING "SELinux: %s:  no dentry for dev=%s "
 			       "ino=%ld\n", __func__, inode->i_sb->s_id,
 			       inode->i_ino);
 			goto out_unlock;
@@ -1173,7 +1173,7 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent
 		dput(dentry);
 		if (rc < 0) {
 			if (rc != -ENODATA) {
-				printk(KERN_WARNING "%s:  getxattr returned "
+				printk(KERN_WARNING "SELinux: %s:  getxattr returned "
 				       "%d for dev=%s ino=%ld\n", __func__,
 				       -rc, inode->i_sb->s_id, inode->i_ino);
 				kfree(context);
@@ -1187,7 +1187,7 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent
 							     sbsec->def_sid,
 							     GFP_NOFS);
 			if (rc) {
-				printk(KERN_WARNING "%s:  context_to_sid(%s) "
+				printk(KERN_WARNING "SELinux: %s:  context_to_sid(%s) "
 				       "returned %d for dev=%s ino=%ld\n",
 				       __func__, context, -rc,
 				       inode->i_sb->s_id, inode->i_ino);
@@ -1510,7 +1510,8 @@ static int may_link(struct inode *dir,
 		av = DIR__RMDIR;
 		break;
 	default:
-		printk(KERN_WARNING "may_link:  unrecognized kind %d\n", kind);
+		printk(KERN_WARNING "SELinux: %s:  unrecognized kind %d\n",
+			__func__, kind);
 		return 0;
 	}
 
@@ -1640,8 +1641,8 @@ static inline u32 open_file_mask_to_av(int mode, int mask)
 		else if (S_ISDIR(mode))
 			av |= DIR__OPEN;
 		else
-			printk(KERN_ERR "SELinux: WARNING: inside open_file_to_av "
-				"with unknown mode:%x\n", mode);
+			printk(KERN_ERR "SELinux: WARNING: inside %s with "
+				"unknown mode:%x\n", __func__, mode);
 	}
 	return av;
 }

trunk/security/selinux/selinuxfs.c

@@ -391,8 +391,8 @@ static ssize_t sel_write_context(struct file * file, char *buf, size_t size)
 		return length;
 
 	if (len > SIMPLE_TRANSACTION_LIMIT) {
-		printk(KERN_ERR "%s:  context size (%u) exceeds payload "
-		       "max\n", __func__, len);
+		printk(KERN_ERR "SELinux: %s:  context size (%u) exceeds "
+			"payload max\n", __func__, len);
 		length = -ERANGE;
 		goto out;
 	}
@@ -644,8 +644,8 @@ static ssize_t sel_write_create(struct file * file, char *buf, size_t size)
 		goto out2;
 
 	if (len > SIMPLE_TRANSACTION_LIMIT) {
-		printk(KERN_ERR "%s:  context size (%u) exceeds payload "
-		       "max\n", __func__, len);
+		printk(KERN_ERR "SELinux: %s:  context size (%u) exceeds "
+			"payload max\n", __func__, len);
 		length = -ERANGE;
 		goto out3;
 	}
@@ -821,8 +821,8 @@ static ssize_t sel_write_member(struct file * file, char *buf, size_t size)
 		goto out2;
 
 	if (len > SIMPLE_TRANSACTION_LIMIT) {
-		printk(KERN_ERR "%s:  context size (%u) exceeds payload "
-		       "max\n", __func__, len);
+		printk(KERN_ERR "SELinux: %s:  context size (%u) exceeds "
+			"payload max\n", __func__, len);
 		length = -ERANGE;
 		goto out3;
 	}
@@ -1761,7 +1761,8 @@ static int sel_fill_super(struct super_block * sb, void * data, int silent)
 out:
 	return ret;
 err:
-	printk(KERN_ERR "%s:  failed while creating inodes\n", __func__);
+	printk(KERN_ERR "SELinux: %s:  failed while creating inodes\n",
+		__func__);
 	goto out;
 }
 

trunk/security/selinux/ss/avtab.c

@@ -310,8 +310,8 @@ void avtab_hash_eval(struct avtab *h, char *tag)
 		}
 	}
 
-	printk(KERN_DEBUG "%s:  %d entries and %d/%d buckets used, longest "
-	       "chain length %d sum of chain length^2 %Lu\n",
+	printk(KERN_DEBUG "SELinux: %s:  %d entries and %d/%d buckets used, "
+	       "longest chain length %d sum of chain length^2 %Lu\n",
 	       tag, h->nel, slots_used, h->nslot, max_chain_len,
 	       chain2_len_sum);
 }
@@ -364,32 +364,32 @@ int avtab_read_item(struct avtab *a, void *fp, struct policydb *pol,
 		val = le32_to_cpu(buf32[items++]);
 		key.source_type = (u16)val;
 		if (key.source_type != val) {
-			printk("SELinux: avtab: truncated source type\n");
+			printk(KERN_ERR "SELinux: avtab: truncated source type\n");
 			return -1;
 		}
 		val = le32_to_cpu(buf32[items++]);
 		key.target_type = (u16)val;
 		if (key.target_type != val) {
-			printk("SELinux: avtab: truncated target type\n");
+			printk(KERN_ERR "SELinux: avtab: truncated target type\n");
 			return -1;
 		}
 		val = le32_to_cpu(buf32[items++]);
 		key.target_class = (u16)val;
 		if (key.target_class != val) {
-			printk("SELinux: avtab: truncated target class\n");
+			printk(KERN_ERR "SELinux: avtab: truncated target class\n");
 			return -1;
 		}
 
 		val = le32_to_cpu(buf32[items++]);
 		enabled = (val & AVTAB_ENABLED_OLD) ? AVTAB_ENABLED : 0;
 
 		if (!(val & (AVTAB_AV | AVTAB_TYPE))) {
-			printk("SELinux: avtab: null entry\n");
+			printk(KERN_ERR "SELinux: avtab: null entry\n");
 			return -1;
 		}
 		if ((val & AVTAB_AV) &&
 		    (val & AVTAB_TYPE)) {
-			printk("SELinux: avtab: entry has both access vectors and types\n");
+			printk(KERN_ERR "SELinux: avtab: entry has both access vectors and types\n");
 			return -1;
 		}
 
@@ -404,15 +404,15 @@ int avtab_read_item(struct avtab *a, void *fp, struct policydb *pol,
 		}
 
 		if (items != items2) {
-			printk("SELinux: avtab: entry only had %d items, expected %d\n", items2, items);
+			printk(KERN_ERR "SELinux: avtab: entry only had %d items, expected %d\n", items2, items);
 			return -1;
 		}
 		return 0;
 	}
 
 	rc = next_entry(buf16, fp, sizeof(u16)*4);
 	if (rc < 0) {
-		printk("SELinux: avtab: truncated entry\n");
+		printk(KERN_ERR "SELinux: avtab: truncated entry\n");
 		return -1;
 	}
 
@@ -425,7 +425,7 @@ int avtab_read_item(struct avtab *a, void *fp, struct policydb *pol,
 	if (!policydb_type_isvalid(pol, key.source_type) ||
 	    !policydb_type_isvalid(pol, key.target_type) ||
 	    !policydb_class_isvalid(pol, key.target_class)) {
-		printk(KERN_WARNING "SELinux: avtab: invalid type or class\n");
+		printk(KERN_ERR "SELinux: avtab: invalid type or class\n");
 		return -1;
 	}
 
@@ -435,20 +435,19 @@ int avtab_read_item(struct avtab *a, void *fp, struct policydb *pol,
 			set++;
 	}
 	if (!set || set > 1) {
-		printk(KERN_WARNING
-			"SELinux:  avtab:  more than one specifier\n");
+		printk(KERN_ERR "SELinux:  avtab:  more than one specifier\n");
 		return -1;
 	}
 
 	rc = next_entry(buf32, fp, sizeof(u32));
 	if (rc < 0) {
-		printk("SELinux: avtab: truncated entry\n");
+		printk(KERN_ERR "SELinux: avtab: truncated entry\n");
 		return -1;
 	}
 	datum.data = le32_to_cpu(*buf32);
 	if ((key.specified & AVTAB_TYPE) &&
 	    !policydb_type_isvalid(pol, datum.data)) {
-		printk(KERN_WARNING "SELinux: avtab: invalid type\n");
+		printk(KERN_ERR "SELinux: avtab: invalid type\n");
 		return -1;
 	}
 	return insertf(a, &key, &datum, p);

trunk/security/selinux/ss/conditional.c

@@ -273,7 +273,7 @@ static int cond_insertf(struct avtab *a, struct avtab_key *k, struct avtab_datum
 	 */
 	if (k->specified & AVTAB_TYPE) {
 		if (avtab_search(&p->te_avtab, k)) {
-			printk("SELinux: type rule already exists outside of a conditional.");
+			printk(KERN_ERR "SELinux: type rule already exists outside of a conditional.\n");
 			goto err;
 		}
 		/*
@@ -288,7 +288,7 @@ static int cond_insertf(struct avtab *a, struct avtab_key *k, struct avtab_datum
 			node_ptr = avtab_search_node(&p->te_cond_avtab, k);
 			if (node_ptr) {
 				if (avtab_search_node_next(node_ptr, k->specified)) {
-					printk("SELinux: too many conflicting type rules.");
+					printk(KERN_ERR "SELinux: too many conflicting type rules.\n");
 					goto err;
 				}
 				found = 0;
@@ -299,21 +299,21 @@ static int cond_insertf(struct avtab *a, struct avtab_key *k, struct avtab_datum
 					}
 				}
 				if (!found) {
-					printk("SELinux: conflicting type rules.\n");
+					printk(KERN_ERR "SELinux: conflicting type rules.\n");
 					goto err;
 				}
 			}
 		} else {
 			if (avtab_search(&p->te_cond_avtab, k)) {
-				printk("SELinux: conflicting type rules when adding type rule for true.\n");
+				printk(KERN_ERR "SELinux: conflicting type rules when adding type rule for true.\n");
 				goto err;
 			}
 		}
 	}
 
 	node_ptr = avtab_insert_nonunique(&p->te_cond_avtab, k, d);
 	if (!node_ptr) {
-		printk("SELinux: could not insert rule.");
+		printk(KERN_ERR "SELinux: could not insert rule.\n");
 		goto err;
 	}
 
@@ -372,12 +372,12 @@ static int cond_read_av_list(struct policydb *p, void *fp, struct cond_av_list *
 static int expr_isvalid(struct policydb *p, struct cond_expr *expr)
 {
 	if (expr->expr_type <= 0 || expr->expr_type > COND_LAST) {
-		printk("SELinux: conditional expressions uses unknown operator.\n");
+		printk(KERN_ERR "SELinux: conditional expressions uses unknown operator.\n");
 		return 0;
 	}
 
 	if (expr->bool > p->p_bools.nprim) {
-		printk("SELinux: conditional expressions uses unknown bool.\n");
+		printk(KERN_ERR "SELinux: conditional expressions uses unknown bool.\n");
 		return 0;
 	}
 	return 1;

trunk/security/selinux/ss/policydb.c

@@ -390,7 +390,7 @@ static void symtab_hash_eval(struct symtab *s)
 		struct hashtab_info info;
 
 		hashtab_stat(h, &info);
-		printk(KERN_DEBUG "%s:  %d entries and %d/%d buckets used, "
+		printk(KERN_DEBUG "SELinux: %s:  %d entries and %d/%d buckets used, "
 		       "longest chain length %d\n", symtab_name[i], h->nel,
 		       info.slots_used, h->size, info.max_chain_len);
 	}
@@ -1215,7 +1215,7 @@ static int role_read(struct policydb *p, struct hashtab *h, void *fp)
 
 	if (strcmp(key, OBJECT_R) == 0) {
 		if (role->value != OBJECT_R_VAL) {
-			printk(KERN_ERR "Role %s has wrong value %d\n",
+			printk(KERN_ERR "SELinux: Role %s has wrong value %d\n",
 			       OBJECT_R, role->value);
 			rc = -EINVAL;
 			goto bad;
@@ -1551,22 +1551,23 @@ int policydb_read(struct policydb *p, void *fp)
 
 	if ((le32_to_cpu(buf[1]) & POLICYDB_CONFIG_MLS)) {
 		if (ss_initialized && !selinux_mls_enabled) {
-			printk(KERN_ERR "Cannot switch between non-MLS and MLS "
-			       "policies\n");
+			printk(KERN_ERR "SELinux: Cannot switch between non-MLS"
+				" and MLS policies\n");
 			goto bad;
 		}
 		selinux_mls_enabled = 1;
 		config |= POLICYDB_CONFIG_MLS;
 
 		if (p->policyvers < POLICYDB_VERSION_MLS) {
-			printk(KERN_ERR "security policydb version %d (MLS) "
-			       "not backwards compatible\n", p->policyvers);
+			printk(KERN_ERR "SELinux: security policydb version %d "
+				"(MLS) not backwards compatible\n",
+				p->policyvers);
 			goto bad;
 		}
 	} else {
 		if (ss_initialized && selinux_mls_enabled) {
-			printk(KERN_ERR "Cannot switch between MLS and non-MLS "
-			       "policies\n");
+			printk(KERN_ERR "SELinux: Cannot switch between MLS and"
+				" non-MLS policies\n");
 			goto bad;
 		}
 	}