apparmor: fix audit full profile hname on successful load

Currently logging of a successful profile load only logs the basename of the profile. This can result in confusion when a child profile has the same name as the another profile in the set. Logging the hname will ensure there is no confusion. Signed-off-by: John Johansen <[email protected]> Acked-by: Seth Arnold <[email protected]>
arthurschreiber · Jul 12, 2016 · 7ee6da2 · 7ee6da2
1 parent bf15cf0
commit 7ee6da2
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/security/apparmor/policy.c b/security/apparmor/policy.c
@@ -1159,7 +1159,7 @@ ssize_t aa_replace_profiles(void *udata, size_t size, bool noreplace)
 		list_del_init(&ent->list);
 		op = (!ent->old && !ent->rename) ? OP_PROF_LOAD : OP_PROF_REPL;
 
-		audit_policy(op, GFP_ATOMIC, ent->new->base.name, NULL, error);
+		audit_policy(op, GFP_ATOMIC, ent->new->base.hname, NULL, error);
 
 		if (ent->old) {
 			__replace_profile(ent->old, ent->new, 1);