selinux: Cleanup printk logging in policydb
Replace printk with pr_* to avoid checkpatch warnings and replace KERN_CONT with 2 longer prints. Signed-off-by: Peter Enderborg <peter.enderborg@sony.com> [PM: fixed some missing newlines identified by Joe Perches] Signed-off-by: Paul Moore <paul@paul-moore.com>
This commit is contained in:
parent
180cfc58cd
commit
9ffdd49e3d
|
@ -504,7 +504,7 @@ static void hash_eval(struct hashtab *h, const char *hash_name)
|
||||||
struct hashtab_info info;
|
struct hashtab_info info;
|
||||||
|
|
||||||
hashtab_stat(h, &info);
|
hashtab_stat(h, &info);
|
||||||
printk(KERN_DEBUG "SELinux: %s: %d entries and %d/%d buckets used, "
|
pr_debug("SELinux: %s: %d entries and %d/%d buckets used, "
|
||||||
"longest chain length %d\n", hash_name, h->nel,
|
"longest chain length %d\n", hash_name, h->nel,
|
||||||
info.slots_used, h->size, info.max_chain_len);
|
info.slots_used, h->size, info.max_chain_len);
|
||||||
}
|
}
|
||||||
|
@ -533,15 +533,17 @@ static int policydb_index(struct policydb *p)
|
||||||
{
|
{
|
||||||
int i, rc;
|
int i, rc;
|
||||||
|
|
||||||
printk(KERN_DEBUG "SELinux: %d users, %d roles, %d types, %d bools",
|
|
||||||
p->p_users.nprim, p->p_roles.nprim, p->p_types.nprim, p->p_bools.nprim);
|
|
||||||
if (p->mls_enabled)
|
if (p->mls_enabled)
|
||||||
printk(KERN_CONT ", %d sens, %d cats", p->p_levels.nprim,
|
pr_debug("SELinux: %d users, %d roles, %d types, %d bools, %d sens, %d cats\n",
|
||||||
p->p_cats.nprim);
|
p->p_users.nprim, p->p_roles.nprim, p->p_types.nprim,
|
||||||
printk(KERN_CONT "\n");
|
p->p_bools.nprim, p->p_levels.nprim, p->p_cats.nprim);
|
||||||
|
else
|
||||||
|
pr_debug("SELinux: %d users, %d roles, %d types, %d bools\n",
|
||||||
|
p->p_users.nprim, p->p_roles.nprim, p->p_types.nprim,
|
||||||
|
p->p_bools.nprim);
|
||||||
|
|
||||||
printk(KERN_DEBUG "SELinux: %d classes, %d rules\n",
|
pr_debug("SELinux: %d classes, %d rules\n",
|
||||||
p->p_classes.nprim, p->te_avtab.nel);
|
p->p_classes.nprim, p->te_avtab.nel);
|
||||||
|
|
||||||
#ifdef DEBUG_HASHES
|
#ifdef DEBUG_HASHES
|
||||||
avtab_hash_eval(&p->te_avtab, "rules");
|
avtab_hash_eval(&p->te_avtab, "rules");
|
||||||
|
@ -897,7 +899,7 @@ int policydb_load_isids(struct policydb *p, struct sidtab *s)
|
||||||
|
|
||||||
rc = sidtab_init(s);
|
rc = sidtab_init(s);
|
||||||
if (rc) {
|
if (rc) {
|
||||||
printk(KERN_ERR "SELinux: out of memory on SID table init\n");
|
pr_err("SELinux: out of memory on SID table init\n");
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -905,14 +907,14 @@ int policydb_load_isids(struct policydb *p, struct sidtab *s)
|
||||||
for (c = head; c; c = c->next) {
|
for (c = head; c; c = c->next) {
|
||||||
rc = -EINVAL;
|
rc = -EINVAL;
|
||||||
if (!c->context[0].user) {
|
if (!c->context[0].user) {
|
||||||
printk(KERN_ERR "SELinux: SID %s was never defined.\n",
|
pr_err("SELinux: SID %s was never defined.\n",
|
||||||
c->u.name);
|
c->u.name);
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
rc = sidtab_insert(s, c->sid[0], &c->context[0]);
|
rc = sidtab_insert(s, c->sid[0], &c->context[0]);
|
||||||
if (rc) {
|
if (rc) {
|
||||||
printk(KERN_ERR "SELinux: unable to load initial SID %s.\n",
|
pr_err("SELinux: unable to load initial SID %s.\n",
|
||||||
c->u.name);
|
c->u.name);
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
@ -1005,13 +1007,13 @@ static int mls_read_range_helper(struct mls_range *r, void *fp)
|
||||||
rc = -EINVAL;
|
rc = -EINVAL;
|
||||||
items = le32_to_cpu(buf[0]);
|
items = le32_to_cpu(buf[0]);
|
||||||
if (items > ARRAY_SIZE(buf)) {
|
if (items > ARRAY_SIZE(buf)) {
|
||||||
printk(KERN_ERR "SELinux: mls: range overflow\n");
|
pr_err("SELinux: mls: range overflow\n");
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
rc = next_entry(buf, fp, sizeof(u32) * items);
|
rc = next_entry(buf, fp, sizeof(u32) * items);
|
||||||
if (rc) {
|
if (rc) {
|
||||||
printk(KERN_ERR "SELinux: mls: truncated range\n");
|
pr_err("SELinux: mls: truncated range\n");
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1023,19 +1025,19 @@ static int mls_read_range_helper(struct mls_range *r, void *fp)
|
||||||
|
|
||||||
rc = ebitmap_read(&r->level[0].cat, fp);
|
rc = ebitmap_read(&r->level[0].cat, fp);
|
||||||
if (rc) {
|
if (rc) {
|
||||||
printk(KERN_ERR "SELinux: mls: error reading low categories\n");
|
pr_err("SELinux: mls: error reading low categories\n");
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
if (items > 1) {
|
if (items > 1) {
|
||||||
rc = ebitmap_read(&r->level[1].cat, fp);
|
rc = ebitmap_read(&r->level[1].cat, fp);
|
||||||
if (rc) {
|
if (rc) {
|
||||||
printk(KERN_ERR "SELinux: mls: error reading high categories\n");
|
pr_err("SELinux: mls: error reading high categories\n");
|
||||||
goto bad_high;
|
goto bad_high;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
rc = ebitmap_cpy(&r->level[1].cat, &r->level[0].cat);
|
rc = ebitmap_cpy(&r->level[1].cat, &r->level[0].cat);
|
||||||
if (rc) {
|
if (rc) {
|
||||||
printk(KERN_ERR "SELinux: mls: out of memory\n");
|
pr_err("SELinux: mls: out of memory\n");
|
||||||
goto bad_high;
|
goto bad_high;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -1060,7 +1062,7 @@ static int context_read_and_validate(struct context *c,
|
||||||
|
|
||||||
rc = next_entry(buf, fp, sizeof buf);
|
rc = next_entry(buf, fp, sizeof buf);
|
||||||
if (rc) {
|
if (rc) {
|
||||||
printk(KERN_ERR "SELinux: context truncated\n");
|
pr_err("SELinux: context truncated\n");
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
c->user = le32_to_cpu(buf[0]);
|
c->user = le32_to_cpu(buf[0]);
|
||||||
|
@ -1069,14 +1071,14 @@ static int context_read_and_validate(struct context *c,
|
||||||
if (p->policyvers >= POLICYDB_VERSION_MLS) {
|
if (p->policyvers >= POLICYDB_VERSION_MLS) {
|
||||||
rc = mls_read_range_helper(&c->range, fp);
|
rc = mls_read_range_helper(&c->range, fp);
|
||||||
if (rc) {
|
if (rc) {
|
||||||
printk(KERN_ERR "SELinux: error reading MLS range of context\n");
|
pr_err("SELinux: error reading MLS range of context\n");
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
rc = -EINVAL;
|
rc = -EINVAL;
|
||||||
if (!policydb_context_isvalid(p, c)) {
|
if (!policydb_context_isvalid(p, c)) {
|
||||||
printk(KERN_ERR "SELinux: invalid security context\n");
|
pr_err("SELinux: invalid security context\n");
|
||||||
context_destroy(c);
|
context_destroy(c);
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
@ -1352,7 +1354,8 @@ static int class_read(struct policydb *p, struct hashtab *h, void *fp)
|
||||||
rc = -EINVAL;
|
rc = -EINVAL;
|
||||||
cladatum->comdatum = hashtab_search(p->p_commons.table, cladatum->comkey);
|
cladatum->comdatum = hashtab_search(p->p_commons.table, cladatum->comkey);
|
||||||
if (!cladatum->comdatum) {
|
if (!cladatum->comdatum) {
|
||||||
printk(KERN_ERR "SELinux: unknown common %s\n", cladatum->comkey);
|
pr_err("SELinux: unknown common %s\n",
|
||||||
|
cladatum->comkey);
|
||||||
goto bad;
|
goto bad;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -1444,7 +1447,7 @@ static int role_read(struct policydb *p, struct hashtab *h, void *fp)
|
||||||
if (strcmp(key, OBJECT_R) == 0) {
|
if (strcmp(key, OBJECT_R) == 0) {
|
||||||
rc = -EINVAL;
|
rc = -EINVAL;
|
||||||
if (role->value != OBJECT_R_VAL) {
|
if (role->value != OBJECT_R_VAL) {
|
||||||
printk(KERN_ERR "SELinux: Role %s has wrong value %d\n",
|
pr_err("SELinux: Role %s has wrong value %d\n",
|
||||||
OBJECT_R, role->value);
|
OBJECT_R, role->value);
|
||||||
goto bad;
|
goto bad;
|
||||||
}
|
}
|
||||||
|
@ -1522,14 +1525,14 @@ static int mls_read_level(struct mls_level *lp, void *fp)
|
||||||
|
|
||||||
rc = next_entry(buf, fp, sizeof buf);
|
rc = next_entry(buf, fp, sizeof buf);
|
||||||
if (rc) {
|
if (rc) {
|
||||||
printk(KERN_ERR "SELinux: mls: truncated level\n");
|
pr_err("SELinux: mls: truncated level\n");
|
||||||
return rc;
|
return rc;
|
||||||
}
|
}
|
||||||
lp->sens = le32_to_cpu(buf[0]);
|
lp->sens = le32_to_cpu(buf[0]);
|
||||||
|
|
||||||
rc = ebitmap_read(&lp->cat, fp);
|
rc = ebitmap_read(&lp->cat, fp);
|
||||||
if (rc) {
|
if (rc) {
|
||||||
printk(KERN_ERR "SELinux: mls: error reading level categories\n");
|
pr_err("SELinux: mls: error reading level categories\n");
|
||||||
return rc;
|
return rc;
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
|
@ -1683,7 +1686,7 @@ static int user_bounds_sanity_check(void *key, void *datum, void *datap)
|
||||||
unsigned long bit;
|
unsigned long bit;
|
||||||
|
|
||||||
if (++depth == POLICYDB_BOUNDS_MAXDEPTH) {
|
if (++depth == POLICYDB_BOUNDS_MAXDEPTH) {
|
||||||
printk(KERN_ERR "SELinux: user %s: "
|
pr_err("SELinux: user %s: "
|
||||||
"too deep or looped boundary",
|
"too deep or looped boundary",
|
||||||
(char *) key);
|
(char *) key);
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
|
@ -1694,8 +1697,7 @@ static int user_bounds_sanity_check(void *key, void *datum, void *datap)
|
||||||
if (ebitmap_get_bit(&upper->roles, bit))
|
if (ebitmap_get_bit(&upper->roles, bit))
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
printk(KERN_ERR
|
pr_err("SELinux: boundary violated policy: "
|
||||||
"SELinux: boundary violated policy: "
|
|
||||||
"user=%s role=%s bounds=%s\n",
|
"user=%s role=%s bounds=%s\n",
|
||||||
sym_name(p, SYM_USERS, user->value - 1),
|
sym_name(p, SYM_USERS, user->value - 1),
|
||||||
sym_name(p, SYM_ROLES, bit),
|
sym_name(p, SYM_ROLES, bit),
|
||||||
|
@ -1720,7 +1722,7 @@ static int role_bounds_sanity_check(void *key, void *datum, void *datap)
|
||||||
unsigned long bit;
|
unsigned long bit;
|
||||||
|
|
||||||
if (++depth == POLICYDB_BOUNDS_MAXDEPTH) {
|
if (++depth == POLICYDB_BOUNDS_MAXDEPTH) {
|
||||||
printk(KERN_ERR "SELinux: role %s: "
|
pr_err("SELinux: role %s: "
|
||||||
"too deep or looped bounds\n",
|
"too deep or looped bounds\n",
|
||||||
(char *) key);
|
(char *) key);
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
|
@ -1731,8 +1733,7 @@ static int role_bounds_sanity_check(void *key, void *datum, void *datap)
|
||||||
if (ebitmap_get_bit(&upper->types, bit))
|
if (ebitmap_get_bit(&upper->types, bit))
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
printk(KERN_ERR
|
pr_err("SELinux: boundary violated policy: "
|
||||||
"SELinux: boundary violated policy: "
|
|
||||||
"role=%s type=%s bounds=%s\n",
|
"role=%s type=%s bounds=%s\n",
|
||||||
sym_name(p, SYM_ROLES, role->value - 1),
|
sym_name(p, SYM_ROLES, role->value - 1),
|
||||||
sym_name(p, SYM_TYPES, bit),
|
sym_name(p, SYM_TYPES, bit),
|
||||||
|
@ -1754,7 +1755,7 @@ static int type_bounds_sanity_check(void *key, void *datum, void *datap)
|
||||||
upper = datum;
|
upper = datum;
|
||||||
while (upper->bounds) {
|
while (upper->bounds) {
|
||||||
if (++depth == POLICYDB_BOUNDS_MAXDEPTH) {
|
if (++depth == POLICYDB_BOUNDS_MAXDEPTH) {
|
||||||
printk(KERN_ERR "SELinux: type %s: "
|
pr_err("SELinux: type %s: "
|
||||||
"too deep or looped boundary\n",
|
"too deep or looped boundary\n",
|
||||||
(char *) key);
|
(char *) key);
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
|
@ -1765,7 +1766,7 @@ static int type_bounds_sanity_check(void *key, void *datum, void *datap)
|
||||||
BUG_ON(!upper);
|
BUG_ON(!upper);
|
||||||
|
|
||||||
if (upper->attribute) {
|
if (upper->attribute) {
|
||||||
printk(KERN_ERR "SELinux: type %s: "
|
pr_err("SELinux: type %s: "
|
||||||
"bounded by attribute %s",
|
"bounded by attribute %s",
|
||||||
(char *) key,
|
(char *) key,
|
||||||
sym_name(p, SYM_TYPES, upper->value - 1));
|
sym_name(p, SYM_TYPES, upper->value - 1));
|
||||||
|
@ -1888,7 +1889,7 @@ static int range_read(struct policydb *p, void *fp)
|
||||||
|
|
||||||
rc = -EINVAL;
|
rc = -EINVAL;
|
||||||
if (!mls_range_isvalid(p, r)) {
|
if (!mls_range_isvalid(p, r)) {
|
||||||
printk(KERN_WARNING "SELinux: rangetrans: invalid range\n");
|
pr_warn("SELinux: rangetrans: invalid range\n");
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -2023,7 +2024,7 @@ static int genfs_read(struct policydb *p, void *fp)
|
||||||
genfs_p = genfs, genfs = genfs->next) {
|
genfs_p = genfs, genfs = genfs->next) {
|
||||||
rc = -EINVAL;
|
rc = -EINVAL;
|
||||||
if (strcmp(newgenfs->fstype, genfs->fstype) == 0) {
|
if (strcmp(newgenfs->fstype, genfs->fstype) == 0) {
|
||||||
printk(KERN_ERR "SELinux: dup genfs fstype %s\n",
|
pr_err("SELinux: dup genfs fstype %s\n",
|
||||||
newgenfs->fstype);
|
newgenfs->fstype);
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
@ -2073,7 +2074,7 @@ static int genfs_read(struct policydb *p, void *fp)
|
||||||
if (!strcmp(newc->u.name, c->u.name) &&
|
if (!strcmp(newc->u.name, c->u.name) &&
|
||||||
(!c->v.sclass || !newc->v.sclass ||
|
(!c->v.sclass || !newc->v.sclass ||
|
||||||
newc->v.sclass == c->v.sclass)) {
|
newc->v.sclass == c->v.sclass)) {
|
||||||
printk(KERN_ERR "SELinux: dup genfs entry (%s,%s)\n",
|
pr_err("SELinux: dup genfs entry (%s,%s)\n",
|
||||||
genfs->fstype, c->u.name);
|
genfs->fstype, c->u.name);
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
@ -2295,7 +2296,7 @@ int policydb_read(struct policydb *p, void *fp)
|
||||||
|
|
||||||
rc = -EINVAL;
|
rc = -EINVAL;
|
||||||
if (le32_to_cpu(buf[0]) != POLICYDB_MAGIC) {
|
if (le32_to_cpu(buf[0]) != POLICYDB_MAGIC) {
|
||||||
printk(KERN_ERR "SELinux: policydb magic number 0x%x does "
|
pr_err("SELinux: policydb magic number 0x%x does "
|
||||||
"not match expected magic number 0x%x\n",
|
"not match expected magic number 0x%x\n",
|
||||||
le32_to_cpu(buf[0]), POLICYDB_MAGIC);
|
le32_to_cpu(buf[0]), POLICYDB_MAGIC);
|
||||||
goto bad;
|
goto bad;
|
||||||
|
@ -2304,7 +2305,7 @@ int policydb_read(struct policydb *p, void *fp)
|
||||||
rc = -EINVAL;
|
rc = -EINVAL;
|
||||||
len = le32_to_cpu(buf[1]);
|
len = le32_to_cpu(buf[1]);
|
||||||
if (len != strlen(POLICYDB_STRING)) {
|
if (len != strlen(POLICYDB_STRING)) {
|
||||||
printk(KERN_ERR "SELinux: policydb string length %d does not "
|
pr_err("SELinux: policydb string length %d does not "
|
||||||
"match expected length %zu\n",
|
"match expected length %zu\n",
|
||||||
len, strlen(POLICYDB_STRING));
|
len, strlen(POLICYDB_STRING));
|
||||||
goto bad;
|
goto bad;
|
||||||
|
@ -2313,14 +2314,14 @@ int policydb_read(struct policydb *p, void *fp)
|
||||||
rc = -ENOMEM;
|
rc = -ENOMEM;
|
||||||
policydb_str = kmalloc(len + 1, GFP_KERNEL);
|
policydb_str = kmalloc(len + 1, GFP_KERNEL);
|
||||||
if (!policydb_str) {
|
if (!policydb_str) {
|
||||||
printk(KERN_ERR "SELinux: unable to allocate memory for policydb "
|
pr_err("SELinux: unable to allocate memory for policydb "
|
||||||
"string of length %d\n", len);
|
"string of length %d\n", len);
|
||||||
goto bad;
|
goto bad;
|
||||||
}
|
}
|
||||||
|
|
||||||
rc = next_entry(policydb_str, fp, len);
|
rc = next_entry(policydb_str, fp, len);
|
||||||
if (rc) {
|
if (rc) {
|
||||||
printk(KERN_ERR "SELinux: truncated policydb string identifier\n");
|
pr_err("SELinux: truncated policydb string identifier\n");
|
||||||
kfree(policydb_str);
|
kfree(policydb_str);
|
||||||
goto bad;
|
goto bad;
|
||||||
}
|
}
|
||||||
|
@ -2328,7 +2329,7 @@ int policydb_read(struct policydb *p, void *fp)
|
||||||
rc = -EINVAL;
|
rc = -EINVAL;
|
||||||
policydb_str[len] = '\0';
|
policydb_str[len] = '\0';
|
||||||
if (strcmp(policydb_str, POLICYDB_STRING)) {
|
if (strcmp(policydb_str, POLICYDB_STRING)) {
|
||||||
printk(KERN_ERR "SELinux: policydb string %s does not match "
|
pr_err("SELinux: policydb string %s does not match "
|
||||||
"my string %s\n", policydb_str, POLICYDB_STRING);
|
"my string %s\n", policydb_str, POLICYDB_STRING);
|
||||||
kfree(policydb_str);
|
kfree(policydb_str);
|
||||||
goto bad;
|
goto bad;
|
||||||
|
@ -2346,7 +2347,7 @@ int policydb_read(struct policydb *p, void *fp)
|
||||||
p->policyvers = le32_to_cpu(buf[0]);
|
p->policyvers = le32_to_cpu(buf[0]);
|
||||||
if (p->policyvers < POLICYDB_VERSION_MIN ||
|
if (p->policyvers < POLICYDB_VERSION_MIN ||
|
||||||
p->policyvers > POLICYDB_VERSION_MAX) {
|
p->policyvers > POLICYDB_VERSION_MAX) {
|
||||||
printk(KERN_ERR "SELinux: policydb version %d does not match "
|
pr_err("SELinux: policydb version %d does not match "
|
||||||
"my version range %d-%d\n",
|
"my version range %d-%d\n",
|
||||||
le32_to_cpu(buf[0]), POLICYDB_VERSION_MIN, POLICYDB_VERSION_MAX);
|
le32_to_cpu(buf[0]), POLICYDB_VERSION_MIN, POLICYDB_VERSION_MAX);
|
||||||
goto bad;
|
goto bad;
|
||||||
|
@ -2357,7 +2358,7 @@ int policydb_read(struct policydb *p, void *fp)
|
||||||
|
|
||||||
rc = -EINVAL;
|
rc = -EINVAL;
|
||||||
if (p->policyvers < POLICYDB_VERSION_MLS) {
|
if (p->policyvers < POLICYDB_VERSION_MLS) {
|
||||||
printk(KERN_ERR "SELinux: security policydb version %d "
|
pr_err("SELinux: security policydb version %d "
|
||||||
"(MLS) not backwards compatible\n",
|
"(MLS) not backwards compatible\n",
|
||||||
p->policyvers);
|
p->policyvers);
|
||||||
goto bad;
|
goto bad;
|
||||||
|
@ -2381,7 +2382,7 @@ int policydb_read(struct policydb *p, void *fp)
|
||||||
rc = -EINVAL;
|
rc = -EINVAL;
|
||||||
info = policydb_lookup_compat(p->policyvers);
|
info = policydb_lookup_compat(p->policyvers);
|
||||||
if (!info) {
|
if (!info) {
|
||||||
printk(KERN_ERR "SELinux: unable to find policy compat info "
|
pr_err("SELinux: unable to find policy compat info "
|
||||||
"for version %d\n", p->policyvers);
|
"for version %d\n", p->policyvers);
|
||||||
goto bad;
|
goto bad;
|
||||||
}
|
}
|
||||||
|
@ -2389,7 +2390,7 @@ int policydb_read(struct policydb *p, void *fp)
|
||||||
rc = -EINVAL;
|
rc = -EINVAL;
|
||||||
if (le32_to_cpu(buf[2]) != info->sym_num ||
|
if (le32_to_cpu(buf[2]) != info->sym_num ||
|
||||||
le32_to_cpu(buf[3]) != info->ocon_num) {
|
le32_to_cpu(buf[3]) != info->ocon_num) {
|
||||||
printk(KERN_ERR "SELinux: policydb table sizes (%d,%d) do "
|
pr_err("SELinux: policydb table sizes (%d,%d) do "
|
||||||
"not match mine (%d,%d)\n", le32_to_cpu(buf[2]),
|
"not match mine (%d,%d)\n", le32_to_cpu(buf[2]),
|
||||||
le32_to_cpu(buf[3]),
|
le32_to_cpu(buf[3]),
|
||||||
info->sym_num, info->ocon_num);
|
info->sym_num, info->ocon_num);
|
||||||
|
@ -3417,7 +3418,7 @@ int policydb_write(struct policydb *p, void *fp)
|
||||||
* careful if you ever try to remove this restriction
|
* careful if you ever try to remove this restriction
|
||||||
*/
|
*/
|
||||||
if (p->policyvers < POLICYDB_VERSION_AVTAB) {
|
if (p->policyvers < POLICYDB_VERSION_AVTAB) {
|
||||||
printk(KERN_ERR "SELinux: refusing to write policy version %d."
|
pr_err("SELinux: refusing to write policy version %d."
|
||||||
" Because it is less than version %d\n", p->policyvers,
|
" Because it is less than version %d\n", p->policyvers,
|
||||||
POLICYDB_VERSION_AVTAB);
|
POLICYDB_VERSION_AVTAB);
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
|
@ -3446,7 +3447,7 @@ int policydb_write(struct policydb *p, void *fp)
|
||||||
/* Write the version, config, and table sizes. */
|
/* Write the version, config, and table sizes. */
|
||||||
info = policydb_lookup_compat(p->policyvers);
|
info = policydb_lookup_compat(p->policyvers);
|
||||||
if (!info) {
|
if (!info) {
|
||||||
printk(KERN_ERR "SELinux: compatibility lookup failed for policy "
|
pr_err("SELinux: compatibility lookup failed for policy "
|
||||||
"version %d", p->policyvers);
|
"version %d", p->policyvers);
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue