diff options
author | John Johansen <john.johansen@canonical.com> | 2016-04-17 00:19:38 +0300 |
---|---|---|
committer | Jiri Slaby <jslaby@suse.cz> | 2017-01-27 13:16:10 +0300 |
commit | 26805d78e246921666a21e37ceb721c7f0df9022 (patch) | |
tree | a7af7adf4de089e0bc482437047e98bb1bdcce3d | |
parent | 0762dc3adc6aa4a0056159afd54735ba088005be (diff) | |
download | linux-26805d78e246921666a21e37ceb721c7f0df9022.tar.xz |
apparmor: fix audit full profile hname on successful load
commit 7ee6da25dcce27b6023a8673fdf8be98dcf7cacf upstream.
Currently logging of a successful profile load only logs the basename
of the profile. This can result in confusion when a child profile has
the same name as the another profile in the set. Logging the hname
will ensure there is no confusion.
Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Seth Arnold <seth.arnold@canonical.com>
Signed-off-by: Jiri Slaby <jslaby@suse.cz>
-rw-r--r-- | security/apparmor/policy.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/security/apparmor/policy.c b/security/apparmor/policy.c index db31bc5e459f..ca402d028db8 100644 --- a/security/apparmor/policy.c +++ b/security/apparmor/policy.c @@ -1159,7 +1159,7 @@ ssize_t aa_replace_profiles(void *udata, size_t size, bool noreplace) list_del_init(&ent->list); op = (!ent->old && !ent->rename) ? OP_PROF_LOAD : OP_PROF_REPL; - audit_policy(op, GFP_ATOMIC, ent->new->base.name, NULL, error); + audit_policy(op, GFP_ATOMIC, ent->new->base.hname, NULL, error); if (ent->old) { __replace_profile(ent->old, ent->new, 1); |