Restore logging of pid= and comm= in AVC audit messages

We turned this all off because the 'exe=' was causing deadlocks on dcache_lock. There's no need to leave the pid and comm out though. They'll all be logged correctly if full auditing is enabled, but we should still print them in case auditing _isn't_ enabled. Signed-off-by: David Woodhouse <dwmw2@infradead.org>
git-mirror · May 19, 2005 · cd77b82 · cd77b82
1 parent b7d1125
commit cd77b82
Showing 1 changed file with 7 additions and 0 deletions.
diff --git a/security/selinux/avc.c b/security/selinux/avc.c
@@ -532,6 +532,7 @@ void avc_audit(u32 ssid, u32 tsid,
                u16 tclass, u32 requested,
                struct av_decision *avd, int result, struct avc_audit_data *a)
 {
+	struct task_struct *tsk = current;
 	struct inode *inode = NULL;
 	u32 denied, audited;
 	struct audit_buffer *ab;
@@ -555,6 +556,12 @@ void avc_audit(u32 ssid, u32 tsid,
 	audit_log_format(ab, "avc:  %s ", denied ? "denied" : "granted");
 	avc_dump_av(ab, tclass,audited);
 	audit_log_format(ab, " for ");
+	if (a && a->tsk)
+		tsk = a->tsk;
+	if (a->tsk && a->tsk->pid) {
+		audit_log_format(ab, " pid=%d comm=", tsk->pid);
+		audit_log_untrustedstring(ab, tsk->comm);
+	}
 	if (a) {
 		switch (a->type) {
 		case AVC_AUDIT_DATA_IPC: