selinux: rate-limit netlink message warnings in selinux_nlmsg_perm()
authorVladis Dronov <vdronov@redhat.com>
Thu, 24 Dec 2015 16:09:41 +0000 (11:09 -0500)
committerPaul Moore <pmoore@redhat.com>
Thu, 24 Dec 2015 16:09:41 +0000 (11:09 -0500)
Any process is able to send netlink messages with invalid types.
Make the warning rate-limited to prevent too much log spam.

The warning is supposed to help to find misbehaving programs, so
print the triggering command name and pid.

Reported-by: Florian Weimer <fweimer@redhat.com>
Signed-off-by: Vladis Dronov <vdronov@redhat.com>
[PM: subject line tweak to make checkpatch.pl happy]
Signed-off-by: Paul Moore <pmoore@redhat.com>
security/selinux/hooks.c

index 34e3351239d8eca7d3d4b7b7d47454da1bcdea63..40e071af77831c95ef2b7ebb90df229dff0fbf8e 100644 (file)
@@ -4858,11 +4858,12 @@ static int selinux_nlmsg_perm(struct sock *sk, struct sk_buff *skb)
        err = selinux_nlmsg_lookup(sksec->sclass, nlh->nlmsg_type, &perm);
        if (err) {
                if (err == -EINVAL) {
-                       printk(KERN_WARNING
-                              "SELinux: unrecognized netlink message:"
-                              " protocol=%hu nlmsg_type=%hu sclass=%s\n",
+                       pr_warn_ratelimited("SELinux: unrecognized netlink"
+                              " message: protocol=%hu nlmsg_type=%hu sclass=%s"
+                              " pig=%d comm=%s\n",
                               sk->sk_protocol, nlh->nlmsg_type,
-                              secclass_map[sksec->sclass - 1].name);
+                              secclass_map[sksec->sclass - 1].name,
+                              task_pid_nr(current), current->comm);
                        if (!selinux_enforcing || security_get_allow_unknown())
                                err = 0;
                }