| 1 |
|
| 2 |
Provides support for a new field ipaddr within the SELinux |
| 3 |
AVC audit log, relying in task_struct->curr_ip (ipv4 only) |
| 4 |
provided by grSecurity patch to be applied before. |
| 5 |
|
| 6 |
Signed-off-by: Lorenzo Hernandez Garcia-Hierro <lorenzo@gnu.org> |
| 7 |
--- |
| 8 |
|
| 9 |
linux-2.6.11-lorenzo/security/selinux/avc.c | 6 ++++++ |
| 10 |
1 files changed, 6 insertions(+) |
| 11 |
|
| 12 |
Index: linux-2.6.18/security/selinux/avc.c |
| 13 |
=================================================================== |
| 14 |
--- linux-2.6.18.orig/security/selinux/avc.c |
| 15 |
+++ linux-2.6.18/security/selinux/avc.c |
| 16 |
@@ -203,6 +203,12 @@ static void avc_dump_query(struct audit_ |
| 17 |
char *scontext; |
| 18 |
u32 scontext_len; |
| 19 |
|
| 20 |
+/* CONFIG_PROC_IPADDR if task-signal-curr_ip patch from lorenzo@gnu.org is present */ |
| 21 |
+#ifdef CONFIG_GRKERNSEC_PROC_IPADDR |
| 22 |
+ if (current->signal->curr_ip) |
| 23 |
+ audit_log_format(ab, "ipaddr=%u.%u.%u.%u ", NIPQUAD(current->signal->curr_ip)); |
| 24 |
+#endif /* CONFIG_GRKERNSEC_PROC_IPADDR */ |
| 25 |
+ |
| 26 |
rc = security_sid_to_context(ssid, &scontext, &scontext_len); |
| 27 |
if (rc) |
| 28 |
audit_log_format(ab, "ssid=%d", ssid); |
Parent Directory
| 
Revision Log