diff options
author | Steven Whitehouse <swhiteho@redhat.com> | 2006-03-31 15:34:58 -0500 |
---|---|---|
committer | Steven Whitehouse <swhiteho@redhat.com> | 2006-03-31 15:34:58 -0500 |
commit | 86579dd06deecfa6ac88d5e84e4d63c397cd6f6d (patch) | |
tree | b4475d3ccde53015ad84a06e4e55e64591171b75 /security/selinux/ss/services.c | |
parent | 7ea9ea832212c4a755650f7c7cc1ff0b63292a41 (diff) | |
parent | a0f067802576d4eb4c65d40b8ee7d6ea3c81dd61 (diff) | |
download | linux-stable-86579dd06deecfa6ac88d5e84e4d63c397cd6f6d.tar.gz linux-stable-86579dd06deecfa6ac88d5e84e4d63c397cd6f6d.tar.bz2 linux-stable-86579dd06deecfa6ac88d5e84e4d63c397cd6f6d.zip |
Merge branch 'master'
Diffstat (limited to 'security/selinux/ss/services.c')
-rw-r--r-- | security/selinux/ss/services.c | 24 |
1 files changed, 14 insertions, 10 deletions
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 8a764928ff4b..61492485de84 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -27,7 +27,8 @@ #include <linux/in.h> #include <linux/sched.h> #include <linux/audit.h> -#include <asm/semaphore.h> +#include <linux/mutex.h> + #include "flask.h" #include "avc.h" #include "avc_ss.h" @@ -48,9 +49,9 @@ static DEFINE_RWLOCK(policy_rwlock); #define POLICY_RDUNLOCK read_unlock(&policy_rwlock) #define POLICY_WRUNLOCK write_unlock_irq(&policy_rwlock) -static DECLARE_MUTEX(load_sem); -#define LOAD_LOCK down(&load_sem) -#define LOAD_UNLOCK up(&load_sem) +static DEFINE_MUTEX(load_mutex); +#define LOAD_LOCK mutex_lock(&load_mutex) +#define LOAD_UNLOCK mutex_unlock(&load_mutex) static struct sidtab sidtab; struct policydb policydb; @@ -1758,19 +1759,22 @@ int security_set_bools(int len, int *values) goto out; } - printk(KERN_INFO "security: committed booleans { "); for (i = 0; i < len; i++) { + if (!!values[i] != policydb.bool_val_to_struct[i]->state) { + audit_log(current->audit_context, GFP_ATOMIC, + AUDIT_MAC_CONFIG_CHANGE, + "bool=%s val=%d old_val=%d auid=%u", + policydb.p_bool_val_to_name[i], + !!values[i], + policydb.bool_val_to_struct[i]->state, + audit_get_loginuid(current->audit_context)); + } if (values[i]) { policydb.bool_val_to_struct[i]->state = 1; } else { policydb.bool_val_to_struct[i]->state = 0; } - if (i != 0) - printk(", "); - printk("%s:%d", policydb.p_bool_val_to_name[i], - policydb.bool_val_to_struct[i]->state); } - printk(" }\n"); for (cur = policydb.cond_list; cur != NULL; cur = cur->next) { rc = evaluate_cond_node(&policydb, cur); |