From: James Morris <jmorris@redhat.com>

This patch adds dname to audit output when a path cannot be generated. 
This makes analysis of SELinux audit logs easier.

Patch by Stephen Smalley <sds@epoch.ncsc.mil>.



---

 25-akpm/security/selinux/avc.c |   13 +++++++++++--
 1 files changed, 11 insertions(+), 2 deletions(-)

diff -puN security/selinux/avc.c~selinux-07-add-dname-to-audit-output security/selinux/avc.c
--- 25/security/selinux/avc.c~selinux-07-add-dname-to-audit-output	Fri Jan  9 12:49:36 2004
+++ 25-akpm/security/selinux/avc.c	Fri Jan  9 12:49:36 2004
@@ -575,17 +575,26 @@ void avc_audit(u32 ssid, u32 tsid,
 			break;
 		case AVC_AUDIT_DATA_FS:
 			if (a->u.fs.dentry) {
+				struct dentry *dentry = a->u.fs.dentry;
 				if (a->u.fs.mnt) {
-					p = d_path(a->u.fs.dentry,
+					p = d_path(dentry,
 						   a->u.fs.mnt,
 						   avc_audit_buffer,
 						   PAGE_SIZE);
 					if (p)
 						printk(" path=%s", p);
+				} else {
+					printk(" name=%s", dentry->d_name.name);
 				}
-				inode = a->u.fs.dentry->d_inode;
+				inode = dentry->d_inode;
 			} else if (a->u.fs.inode) {
+				struct dentry *dentry;
 				inode = a->u.fs.inode;
+				dentry = d_find_alias(inode);
+				if (dentry) {
+					printk(" name=%s", dentry->d_name.name);
+					dput(dentry);
+				}
 			}
 			if (inode)
 				printk(" dev=%s ino=%ld",

_