projects / GitHub / moto-9609 / android_kernel_motorola_exynos9610.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6d32c85) | patch
selinux: Report permissive mode in avc: denied messages.
authorStephen Smalley <sds@tycho.nsa.gov>
Tue, 29 Apr 2014 18:29:04 +0000 (11:29 -0700)
committerPaul Moore <pmoore@redhat.com>
Thu, 1 May 2014 18:56:14 +0000 (14:56 -0400)
commit626b9740fa73cad043e136bfb3b6fca68a4f8a7c
tree2f28ff59a691edcc8874b460a4f4e2f8075f611dtree | snapshot (tar.gz zip)
parent6d32c850621b0be75777b9102b14f6268bbd9f0fcommit | diff
selinux:  Report permissive mode in avc: denied messages.

We cannot presently tell from an avc: denied message whether access was in
fact denied or was allowed due to global or per-domain permissive mode.
Add a permissive= field to the avc message to reflect this information.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: Eric Paris <eparis@redhat.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>
security/selinux/avc.c diff | blob | blame | history
security/selinux/hooks.c diff | blob | blame | history
security/selinux/include/avc.h diff | blob | blame | history