| hooks.c (19e49834d22c2271ed1f4a03aaa4b74986447fb4) | hooks.c (ab3540626435c01e08fe58ce544311a78430f112) |
|---|---|
| 1/* 2 * NSA Security-Enhanced Linux (SELinux) security module 3 * 4 * This file contains the SELinux hook function implementations. 5 * 6 * Authors: Stephen Smalley, <sds@epoch.ncsc.mil> 7 * Chris Vance, <cvance@nai.com> 8 * Wayne Salamon, <wsalamon@nai.com> --- 1488 unchanged lines hidden (view full) --- 1497 printk(KERN_ERR 1498 "SELinux: out of range capability %d\n", cap); 1499 BUG(); 1500 return -EINVAL; 1501 } 1502 1503 rc = avc_has_perm_noaudit(sid, sid, sclass, av, 0, &avd); 1504 if (audit == SECURITY_CAP_AUDIT) { | 1/* 2 * NSA Security-Enhanced Linux (SELinux) security module 3 * 4 * This file contains the SELinux hook function implementations. 5 * 6 * Authors: Stephen Smalley, <sds@epoch.ncsc.mil> 7 * Chris Vance, <cvance@nai.com> 8 * Wayne Salamon, <wsalamon@nai.com> --- 1488 unchanged lines hidden (view full) --- 1497 printk(KERN_ERR 1498 "SELinux: out of range capability %d\n", cap); 1499 BUG(); 1500 return -EINVAL; 1501 } 1502 1503 rc = avc_has_perm_noaudit(sid, sid, sclass, av, 0, &avd); 1504 if (audit == SECURITY_CAP_AUDIT) { |
| 1505 int rc2 = avc_audit(sid, sid, sclass, av, &avd, rc, &ad, 0); | 1505 int rc2 = avc_audit(sid, sid, sclass, av, &avd, rc, &ad); |
| 1506 if (rc2) 1507 return rc2; 1508 } 1509 return rc; 1510} 1511 1512/* Check whether a task is allowed to use a system operation. */ 1513static int task_has_system(struct task_struct *tsk, --- 4475 unchanged lines hidden --- | 1506 if (rc2) 1507 return rc2; 1508 } 1509 return rc; 1510} 1511 1512/* Check whether a task is allowed to use a system operation. */ 1513static int task_has_system(struct task_struct *tsk, --- 4475 unchanged lines hidden --- |