userns: Convert selinux to use kuid and kgid where appropriate

author Eric W. Biederman <ebiederm@xmission.com>

Mon, 20 Aug 2012 07:09:36 +0000 (00:09 -0700)

committer Eric W. Biederman <ebiederm@xmission.com>

Fri, 21 Sep 2012 10:13:22 +0000 (03:13 -0700)
author Eric W. Biederman <ebiederm@xmission.com>
Mon, 20 Aug 2012 07:09:36 +0000 (00:09 -0700)
committer Eric W. Biederman <ebiederm@xmission.com>
Fri, 21 Sep 2012 10:13:22 +0000 (03:13 -0700)
diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c

index 298e695d6822577e80e5a03a3b5b77d78fe9ebc8..55af8c5b57e645d821073e197c8dd5e8cb4c3b9a 100644 (file)
--- a/security/selinux/selinuxfs.c
+++ b/security/selinux/selinuxfs.c
@@ -174,7 +174,7 @@ static ssize_t sel_write_enforce(struct file *file, const char __user *buf,
                 audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_STATUS,
                         "enforcing=%d old_enforcing=%d auid=%u ses=%u",
                         new_value, selinux_enforcing,
-                       audit_get_loginuid(current),
+                       from_kuid(&init_user_ns, audit_get_loginuid(current)),
                         audit_get_sessionid(current));
                 selinux_enforcing = new_value;
                 if (selinux_enforcing)
@@ -305,7 +305,7 @@ static ssize_t sel_write_disable(struct file *file, const char __user *buf,
                         goto out;
                 audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_STATUS,
                         "selinux=0 auid=%u ses=%u",
-                       audit_get_loginuid(current),
+                       from_kuid(&init_user_ns, audit_get_loginuid(current)),
                         audit_get_sessionid(current));
         }
  
@@ -551,7 +551,7 @@ static ssize_t sel_write_load(struct file *file, const char __user *buf,
  out1:
         audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_POLICY_LOAD,
                 "policy loaded auid=%u ses=%u",
-               audit_get_loginuid(current),
+               from_kuid(&init_user_ns, audit_get_loginuid(current)),
                 audit_get_sessionid(current));
  out:
         mutex_unlock(&sel_mutex);
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c

index 4321b8fc886337946bd3366410a4815dfbd6dc10..b4feecc3fe0110d10bbdc183c369a03ab8495a6c 100644 (file)
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -2440,7 +2440,7 @@ int security_set_bools(int len, int *values)
                                 sym_name(&policydb, SYM_BOOLS, i),
                                 !!values[i],
                                 policydb.bool_val_to_struct[i]->state,
-                               audit_get_loginuid(current),
+                               from_kuid(&init_user_ns, audit_get_loginuid(current)),
                                 audit_get_sessionid(current));
                 }
                 if (values[i])
author	Eric W. Biederman <ebiederm@xmission.com>
	Mon, 20 Aug 2012 07:09:36 +0000 (00:09 -0700)
committer	Eric W. Biederman <ebiederm@xmission.com>
	Fri, 21 Sep 2012 10:13:22 +0000 (03:13 -0700)
security/selinux/selinuxfs.c		patch \| blob \| history
security/selinux/ss/services.c		patch \| blob \| history