selinux: Print 'sclass' as string when unrecognized netlink message o…

…ccurs This prints the 'sclass' field as string instead of index in unrecognized netlink message. The textual representation makes it easier to distinguish the right class. Signed-off-by: Marek Milkovic <mmilkovi@redhat.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> [PM: 80-char width fixes] Signed-off-by: Paul Moore <pmoore@redhat.com>
mariux64 · Jun 4, 2015 · cded3ff · cded3ff
1 parent e6e29a4
commit cded3ff
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
@@ -4713,8 +4713,9 @@ static int selinux_nlmsg_perm(struct sock *sk, struct sk_buff *skb)
 		if (err == -EINVAL) {
 			printk(KERN_WARNING
 			       "SELinux: unrecognized netlink message:"
-			       " protocol=%hu nlmsg_type=%hu sclass=%hu\n",
-			       sk->sk_protocol, nlh->nlmsg_type, sksec->sclass);
+			       " protocol=%hu nlmsg_type=%hu sclass=%s\n",
+			       sk->sk_protocol, nlh->nlmsg_type,
+			       secclass_map[sksec->sclass - 1].name);
 			if (!selinux_enforcing || security_get_allow_unknown())
 				err = 0;
 		}