From f4f3f156b8372d8d2a4ded3da85b59ad5fbc1302 Mon Sep 17 00:00:00 2001
From: Joel Voss <jvoss@motorola.com>
Date: Fri, 31 Oct 2014 21:00:36 -0500
Subject: IKSWL-3373: selinux: Improve avc logging

Where applicable, include the process UID in the audit
log message. This assists debugging the source of denials,
especially in the application domain.

Change-Id: I082398f0216db893b51f9371f98e6b230d2e9147
Signed-off-by: Joel Voss <jvoss@motorola.com>
Reviewed-by: Connie Zhao <czhao1@motorola.com>
Reviewed-on: http://gerrit.mot.com/689473
SLTApproved: Slta Waiver <sltawvr@motorola.com>
Tested-by: Jira Key <jirakey@motorola.com>
Reviewed-by: Christopher Fries <cfries@motorola.com>
Submit-Approved: Jira Key <jirakey@motorola.com>
Signed-off-by: kgudeth <kgudeth@motorola.com>
Reviewed-on: http://gerrit.mot.com/695886
Reviewed-on: http://gerrit.mot.com/727995
SME-Granted: SME Approvals Granted
Signed-off-by: franciscofranco <franciscofranco.1990@gmail.com>
---
 security/lsm_audit.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/security/lsm_audit.c b/security/lsm_audit.c
index 8f6b8e8a4..fe7d8636c 100644
--- a/security/lsm_audit.c
+++ b/security/lsm_audit.c
@@ -220,6 +220,8 @@ static void dump_common_audit_data(struct audit_buffer *ab,
 	 */
 	BUILD_BUG_ON(sizeof(a->u) > sizeof(void *)*2);
 
+	if (tsk->cred)
+		audit_log_format(ab, " uid=%d", tsk->cred->uid);
 	audit_log_format(ab, " pid=%d comm=", tsk->pid);
 	audit_log_untrustedstring(ab, tsk->comm);
 
@@ -294,6 +296,8 @@ static void dump_common_audit_data(struct audit_buffer *ab,
 	case LSM_AUDIT_DATA_TASK:
 		tsk = a->u.tsk;
 		if (tsk && tsk->pid) {
+			if (tsk->cred)
+				audit_log_format(ab, " uid=%d", tsk->cred->uid);
 			audit_log_format(ab, " pid=%d comm=", tsk->pid);
 			audit_log_untrustedstring(ab, tsk->comm);
 		}
-- 
cgit v1.2.3