Skip to content

K
Kernel

openeuler / Kernel
11 个月 前同步成功

通知 5
Star 0
Fork 0
K
Kernel

体验新版 GitCode,发现更多精彩内容 >>

提交 9a2f44f0 编写于 作者: S Stephen Smalley 提交者: Linus Torvalds
浏览文件
操作

[PATCH] selinux: replace ctxid with sid in selinux_audit_rule_match interface 

Replace ctxid with sid in selinux_audit_rule_match interface for
consistency with other interfaces.
Signed-off-by: NStephen Smalley <sds@tycho.nsa.gov>
Acked-by: NJames Morris <jmorris@namei.org>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
上级 1a70cd40
隐藏空白更改
内联 并排
Showing with 6 addition and 6 deletion
include/linux/selinux.h
浏览文件 @ 9a2f44f0
...@@ -46,7 +46,7 @@ void selinux_audit_rule_free(struct selinux_audit_rule *rule); ...@@ -46,7 +46,7 @@ void selinux_audit_rule_free(struct selinux_audit_rule *rule);
/** /**
* selinux_audit_rule_match - determine if a context ID matches a rule. * selinux_audit_rule_match - determine if a context ID matches a rule.
* @ctxid: the context ID to check * @sid: the context ID to check
* @field: the field this rule refers to * @field: the field this rule refers to
* @op: the operater the rule uses * @op: the operater the rule uses
* @rule: pointer to the audit rule to check against * @rule: pointer to the audit rule to check against
...@@ -55,7 +55,7 @@ void selinux_audit_rule_free(struct selinux_audit_rule *rule); ...@@ -55,7 +55,7 @@ void selinux_audit_rule_free(struct selinux_audit_rule *rule);
* Returns 1 if the context id matches the rule, 0 if it does not, and * Returns 1 if the context id matches the rule, 0 if it does not, and
* -errno on failure. * -errno on failure.
*/ */
int selinux_audit_rule_match(u32 ctxid, u32 field, u32 op, int selinux_audit_rule_match(u32 sid, u32 field, u32 op,
struct selinux_audit_rule *rule, struct selinux_audit_rule *rule,
struct audit_context *actx); struct audit_context *actx);
...@@ -144,7 +144,7 @@ static inline void selinux_audit_rule_free(struct selinux_audit_rule *rule) ...@@ -144,7 +144,7 @@ static inline void selinux_audit_rule_free(struct selinux_audit_rule *rule)
return; return;
} }
static inline int selinux_audit_rule_match(u32 ctxid, u32 field, u32 op, static inline int selinux_audit_rule_match(u32 sid, u32 field, u32 op,
struct selinux_audit_rule *rule, struct selinux_audit_rule *rule,
struct audit_context *actx) struct audit_context *actx)
{ {
......
security/selinux/ss/services.c
浏览文件 @ 9a2f44f0
...@@ -2003,7 +2003,7 @@ int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, ...@@ -2003,7 +2003,7 @@ int selinux_audit_rule_init(u32 field, u32 op, char *rulestr,
return rc; return rc;
} }
int selinux_audit_rule_match(u32 ctxid, u32 field, u32 op, int selinux_audit_rule_match(u32 sid, u32 field, u32 op,
struct selinux_audit_rule *rule, struct selinux_audit_rule *rule,
struct audit_context *actx) struct audit_context *actx)
{ {
...@@ -2026,11 +2026,11 @@ int selinux_audit_rule_match(u32 ctxid, u32 field, u32 op, ...@@ -2026,11 +2026,11 @@ int selinux_audit_rule_match(u32 ctxid, u32 field, u32 op,
goto out; goto out;
} }
ctxt = sidtab_search(&sidtab, ctxid); ctxt = sidtab_search(&sidtab, sid);
if (!ctxt) { if (!ctxt) {
audit_log(actx, GFP_ATOMIC, AUDIT_SELINUX_ERR, audit_log(actx, GFP_ATOMIC, AUDIT_SELINUX_ERR,
"selinux_audit_rule_match: unrecognized SID %d\n", "selinux_audit_rule_match: unrecognized SID %d\n",
ctxid); sid);
match = -ENOENT; match = -ENOENT;
goto out; goto out;
} }
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册