sbsec->initialized = 1;
if (sbsec->behavior > ARRAY_SIZE(labeling_behaviors)) {
- printk(KERN_INFO "SELinux: initialized (dev %s, type %s), unknown behavior\n",
+ printk(KERN_ERR "SELinux: initialized (dev %s, type %s), unknown behavior\n",
sb->s_id, sb->s_type->name);
}
else {
- printk(KERN_INFO "SELinux: initialized (dev %s, type %s), %s\n",
+ printk(KERN_DEBUG "SELinux: initialized (dev %s, type %s), %s\n",
sb->s_id, sb->s_type->name,
labeling_behaviors[sbsec->behavior-1]);
}
static int selinux_register_security (const char *name, struct security_operations *ops)
{
if (secondary_ops != original_ops) {
- printk(KERN_INFO "%s: There is already a secondary security "
+ printk(KERN_ERR "%s: There is already a secondary security "
"module registered.\n", __FUNCTION__);
return -EINVAL;
}
static int selinux_unregister_security (const char *name, struct security_operations *ops)
{
if (ops != secondary_ops) {
- printk (KERN_INFO "%s: trying to unregister a security module "
+ printk(KERN_ERR "%s: trying to unregister a security module "
"that is not registered.\n", __FUNCTION__);
return -EINVAL;
}
}
static int selinux_getprocattr(struct task_struct *p,
- char *name, void *value, size_t size)
+ char *name, char **value)
{
struct task_security_struct *tsec;
u32 sid;
int error;
+ unsigned len;
if (current != p) {
error = task_has_perm(current, p, PROCESS__GETATTR);
if (!sid)
return 0;
- return selinux_getsecurity(sid, value, size);
+ error = security_sid_to_context(sid, value, &len);
+ if (error)
+ return error;
+ return len;
}
static int selinux_setprocattr(struct task_struct *p,
panic("SELinux: Unable to register with kernel.\n");
if (selinux_enforcing) {
- printk(KERN_INFO "SELinux: Starting in enforcing mode\n");
+ printk(KERN_DEBUG "SELinux: Starting in enforcing mode\n");
} else {
- printk(KERN_INFO "SELinux: Starting in permissive mode\n");
+ printk(KERN_DEBUG "SELinux: Starting in permissive mode\n");
}
#ifdef CONFIG_KEYS
void selinux_complete_init(void)
{
- printk(KERN_INFO "SELinux: Completing initialization.\n");
+ printk(KERN_DEBUG "SELinux: Completing initialization.\n");
/* Set up any superblocks initialized prior to the policy load. */
- printk(KERN_INFO "SELinux: Setting up existing superblocks.\n");
+ printk(KERN_DEBUG "SELinux: Setting up existing superblocks.\n");
spin_lock(&sb_lock);
spin_lock(&sb_security_lock);
next_sb:
if (!selinux_enabled)
goto out;
-
- printk(KERN_INFO "SELinux: Registering netfilter hooks\n");
-
+
+ printk(KERN_DEBUG "SELinux: Registering netfilter hooks\n");
+
err = nf_register_hook(&selinux_ipv4_op);
if (err)
panic("SELinux: nf_register_hook for IPv4: error %d\n", err);
#ifdef CONFIG_SECURITY_SELINUX_DISABLE
static void selinux_nf_ip_exit(void)
{
- printk(KERN_INFO "SELinux: Unregistering netfilter hooks\n");
+ printk(KERN_DEBUG "SELinux: Unregistering netfilter hooks\n");
nf_unregister_hook(&selinux_ipv4_op);
#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
git.openpandora.org / pandora-kernel.git / blobdiff