SELinux: unify printk messages (454d972c) · Commits · e / devices / android_kernel_oneplus_sm7250

security/selinux/ss/avtab.c

+20 −20

Original line number	Diff line number	Diff line
		@@ -280,8 +280,8 @@ int avtab_alloc(struct avtab *h, u32 nrules)
		h->nel = 0;
		h->nslot = nslot;
		h->mask = mask;
		printk(KERN_DEBUG "SELinux:%d avtab hash slots allocated. "
		"Num of rules:%d\n", h->nslot, nrules);
		printk(KERN_DEBUG "SELinux: %d avtab hash slots, %d rules.\n",
		h->nslot, nrules);
		return 0;
		}

		@@ -345,18 +345,18 @@ int avtab_read_item(struct avtab a, void fp, struct policydb *pol,
		if (vers < POLICYDB_VERSION_AVTAB) {
		rc = next_entry(buf32, fp, sizeof(u32));
		if (rc < 0) {
		printk(KERN_ERR "security: avtab: truncated entry\n");
		printk(KERN_ERR "SELinux: avtab: truncated entry\n");
		return -1;
		}
		items2 = le32_to_cpu(buf32[0]);
		if (items2 > ARRAY_SIZE(buf32)) {
		printk(KERN_ERR "security: avtab: entry overflow\n");
		printk(KERN_ERR "SELinux: avtab: entry overflow\n");
		return -1;

		}
		rc = next_entry(buf32, fp, sizeof(u32)*items2);
		if (rc < 0) {
		printk(KERN_ERR "security: avtab: truncated entry\n");
		printk(KERN_ERR "SELinux: avtab: truncated entry\n");
		return -1;
		}
		items = 0;
		@@ -364,19 +364,19 @@ int avtab_read_item(struct avtab a, void fp, struct policydb *pol,
		val = le32_to_cpu(buf32[items++]);
		key.source_type = (u16)val;
		if (key.source_type != val) {
		printk("security: avtab: truncated source type\n");
		printk("SELinux: avtab: truncated source type\n");
		return -1;
		}
		val = le32_to_cpu(buf32[items++]);
		key.target_type = (u16)val;
		if (key.target_type != val) {
		printk("security: avtab: truncated target type\n");
		printk("SELinux: avtab: truncated target type\n");
		return -1;
		}
		val = le32_to_cpu(buf32[items++]);
		key.target_class = (u16)val;
		if (key.target_class != val) {
		printk("security: avtab: truncated target class\n");
		printk("SELinux: avtab: truncated target class\n");
		return -1;
		}

		@@ -384,12 +384,12 @@ int avtab_read_item(struct avtab a, void fp, struct policydb *pol,
		enabled = (val & AVTAB_ENABLED_OLD) ? AVTAB_ENABLED : 0;

		if (!(val & (AVTAB_AV \| AVTAB_TYPE))) {
		printk("security: avtab: null entry\n");
		printk("SELinux: avtab: null entry\n");
		return -1;
		}
		if ((val & AVTAB_AV) &&
		(val & AVTAB_TYPE)) {
		printk("security: avtab: entry has both access vectors and types\n");
		printk("SELinux: avtab: entry has both access vectors and types\n");
		return -1;
		}

		@@ -403,7 +403,7 @@ int avtab_read_item(struct avtab a, void fp, struct policydb *pol,
		}

		if (items != items2) {
		printk("security: avtab: entry only had %d items, expected %d\n", items2, items);
		printk("SELinux: avtab: entry only had %d items, expected %d\n", items2, items);
		return -1;
		}
		return 0;
		@@ -411,7 +411,7 @@ int avtab_read_item(struct avtab a, void fp, struct policydb *pol,

		rc = next_entry(buf16, fp, sizeof(u16)*4);
		if (rc < 0) {
		printk("security: avtab: truncated entry\n");
		printk("SELinux: avtab: truncated entry\n");
		return -1;
		}

		@@ -424,7 +424,7 @@ int avtab_read_item(struct avtab a, void fp, struct policydb *pol,
		if (!policydb_type_isvalid(pol, key.source_type) \|\|
		!policydb_type_isvalid(pol, key.target_type) \|\|
		!policydb_class_isvalid(pol, key.target_class)) {
		printk(KERN_WARNING "security: avtab: invalid type or class\n");
		printk(KERN_WARNING "SELinux: avtab: invalid type or class\n");
		return -1;
		}

		@@ -435,19 +435,19 @@ int avtab_read_item(struct avtab a, void fp, struct policydb *pol,
		}
		if (!set \|\| set > 1) {
		printk(KERN_WARNING
		"security: avtab: more than one specifier\n");
		"SELinux: avtab: more than one specifier\n");
		return -1;
		}

		rc = next_entry(buf32, fp, sizeof(u32));
		if (rc < 0) {
		printk("security: avtab: truncated entry\n");
		printk("SELinux: avtab: truncated entry\n");
		return -1;
		}
		datum.data = le32_to_cpu(*buf32);
		if ((key.specified & AVTAB_TYPE) &&
		!policydb_type_isvalid(pol, datum.data)) {
		printk(KERN_WARNING "security: avtab: invalid type\n");
		printk(KERN_WARNING "SELinux: avtab: invalid type\n");
		return -1;
		}
		return insertf(a, &key, &datum, p);
		@@ -468,12 +468,12 @@ int avtab_read(struct avtab a, void fp, struct policydb *pol)

		rc = next_entry(buf, fp, sizeof(u32));
		if (rc < 0) {
		printk(KERN_ERR "security: avtab: truncated table\n");
		printk(KERN_ERR "SELinux: avtab: truncated table\n");
		goto bad;
		}
		nel = le32_to_cpu(buf[0]);
		if (!nel) {
		printk(KERN_ERR "security: avtab: table is empty\n");
		printk(KERN_ERR "SELinux: avtab: table is empty\n");
		rc = -EINVAL;
		goto bad;
		}
		@@ -486,9 +486,9 @@ int avtab_read(struct avtab a, void fp, struct policydb *pol)
		rc = avtab_read_item(a, fp, pol, avtab_insertf, NULL);
		if (rc) {
		if (rc == -ENOMEM)
		printk(KERN_ERR "security: avtab: out of memory\n");
		printk(KERN_ERR "SELinux: avtab: out of memory\n");
		else if (rc == -EEXIST)
		printk(KERN_ERR "security: avtab: duplicate entry\n");
		printk(KERN_ERR "SELinux: avtab: duplicate entry\n");
		else
		rc = -EINVAL;
		goto bad;

security/selinux/ss/conditional.c

+8 −8

Original line number	Diff line number	Diff line
		@@ -96,7 +96,7 @@ int evaluate_cond_node(struct policydb p, struct cond_node node)
		if (new_state != node->cur_state) {
		node->cur_state = new_state;
		if (new_state == -1)
		printk(KERN_ERR "security: expression result was undefined - disabling all rules.\n");
		printk(KERN_ERR "SELinux: expression result was undefined - disabling all rules.\n");
		/* turn the rules on or off */
		for (cur = node->true_list; cur != NULL; cur = cur->next) {
		if (new_state <= 0) {
		@@ -276,7 +276,7 @@ static int cond_insertf(struct avtab a, struct avtab_key k, struct avtab_datum
		*/
		if (k->specified & AVTAB_TYPE) {
		if (avtab_search(&p->te_avtab, k)) {
		printk("security: type rule already exists outside of a conditional.");
		printk("SELinux: type rule already exists outside of a conditional.");
		goto err;
		}
		/*
		@@ -291,7 +291,7 @@ static int cond_insertf(struct avtab a, struct avtab_key k, struct avtab_datum
		node_ptr = avtab_search_node(&p->te_cond_avtab, k);
		if (node_ptr) {
		if (avtab_search_node_next(node_ptr, k->specified)) {
		printk("security: too many conflicting type rules.");
		printk("SELinux: too many conflicting type rules.");
		goto err;
		}
		found = 0;
		@@ -302,13 +302,13 @@ static int cond_insertf(struct avtab a, struct avtab_key k, struct avtab_datum
		}
		}
		if (!found) {
		printk("security: conflicting type rules.\n");
		printk("SELinux: conflicting type rules.\n");
		goto err;
		}
		}
		} else {
		if (avtab_search(&p->te_cond_avtab, k)) {
		printk("security: conflicting type rules when adding type rule for true.\n");
		printk("SELinux: conflicting type rules when adding type rule for true.\n");
		goto err;
		}
		}
		@@ -316,7 +316,7 @@ static int cond_insertf(struct avtab a, struct avtab_key k, struct avtab_datum

		node_ptr = avtab_insert_nonunique(&p->te_cond_avtab, k, d);
		if (!node_ptr) {
		printk("security: could not insert rule.");
		printk("SELinux: could not insert rule.");
		goto err;
		}

		@@ -376,12 +376,12 @@ static int cond_read_av_list(struct policydb p, void fp, struct cond_av_list *
		static int expr_isvalid(struct policydb p, struct cond_expr expr)
		{
		if (expr->expr_type <= 0 \|\| expr->expr_type > COND_LAST) {
		printk("security: conditional expressions uses unknown operator.\n");
		printk("SELinux: conditional expressions uses unknown operator.\n");
		return 0;
		}

		if (expr->bool > p->p_bools.nprim) {
		printk("security: conditional expressions uses unknown bool.\n");
		printk("SELinux: conditional expressions uses unknown bool.\n");
		return 0;
		}
		return 1;

security/selinux/ss/ebitmap.c

+7 −7

Original line number	Diff line number	Diff line
		@@ -364,7 +364,7 @@ int ebitmap_read(struct ebitmap e, void fp)
		count = le32_to_cpu(buf[2]);

		if (mapunit != sizeof(u64) * 8) {
		printk(KERN_ERR "security: ebitmap: map size %u does not "
		printk(KERN_ERR "SELinux: ebitmap: map size %u does not "
		"match my size %Zd (high bit was %d)\n",
		mapunit, sizeof(u64) * 8, e->highbit);
		goto bad;
		@@ -382,19 +382,19 @@ int ebitmap_read(struct ebitmap e, void fp)
		for (i = 0; i < count; i++) {
		rc = next_entry(&startbit, fp, sizeof(u32));
		if (rc < 0) {
		printk(KERN_ERR "security: ebitmap: truncated map\n");
		printk(KERN_ERR "SELinux: ebitmap: truncated map\n");
		goto bad;
		}
		startbit = le32_to_cpu(startbit);

		if (startbit & (mapunit - 1)) {
		printk(KERN_ERR "security: ebitmap start bit (%d) is "
		printk(KERN_ERR "SELinux: ebitmap start bit (%d) is "
		"not a multiple of the map unit size (%u)\n",
		startbit, mapunit);
		goto bad;
		}
		if (startbit > e->highbit - mapunit) {
		printk(KERN_ERR "security: ebitmap start bit (%d) is "
		printk(KERN_ERR "SELinux: ebitmap start bit (%d) is "
		"beyond the end of the bitmap (%u)\n",
		startbit, (e->highbit - mapunit));
		goto bad;
		@@ -405,7 +405,7 @@ int ebitmap_read(struct ebitmap e, void fp)
		tmp = kzalloc(sizeof(*tmp), GFP_KERNEL);
		if (!tmp) {
		printk(KERN_ERR
		"security: ebitmap: out of memory\n");
		"SELinux: ebitmap: out of memory\n");
		rc = -ENOMEM;
		goto bad;
		}
		@@ -418,7 +418,7 @@ int ebitmap_read(struct ebitmap e, void fp)
		}
		n = tmp;
		} else if (startbit <= n->startbit) {
		printk(KERN_ERR "security: ebitmap: start bit %d"
		printk(KERN_ERR "SELinux: ebitmap: start bit %d"
		" comes after start bit %d\n",
		startbit, n->startbit);
		goto bad;
		@@ -426,7 +426,7 @@ int ebitmap_read(struct ebitmap e, void fp)

		rc = next_entry(&map, fp, sizeof(u64));
		if (rc < 0) {
		printk(KERN_ERR "security: ebitmap: truncated map\n");
		printk(KERN_ERR "SELinux: ebitmap: truncated map\n");
		goto bad;
		}
		map = le64_to_cpu(map);

security/selinux/ss/policydb.c

+27 −27

Original line number	Diff line number	Diff line
		@@ -401,14 +401,14 @@ static int policydb_index_others(struct policydb *p)
		{
		int i, rc = 0;

		printk(KERN_DEBUG "security: %d users, %d roles, %d types, %d bools",
		printk(KERN_DEBUG "SELinux: %d users, %d roles, %d types, %d bools",
		p->p_users.nprim, p->p_roles.nprim, p->p_types.nprim, p->p_bools.nprim);
		if (selinux_mls_enabled)
		printk(", %d sens, %d cats", p->p_levels.nprim,
		p->p_cats.nprim);
		printk("\n");

		printk(KERN_DEBUG "security: %d classes, %d rules\n",
		printk(KERN_DEBUG "SELinux: %d classes, %d rules\n",
		p->p_classes.nprim, p->te_avtab.nel);

		#ifdef DEBUG_HASHES
		@@ -702,20 +702,20 @@ int policydb_load_isids(struct policydb p, struct sidtab s)

		rc = sidtab_init(s);
		if (rc) {
		printk(KERN_ERR "security: out of memory on SID table init\n");
		printk(KERN_ERR "SELinux: out of memory on SID table init\n");
		goto out;
		}

		head = p->ocontexts[OCON_ISID];
		for (c = head; c; c = c->next) {
		if (!c->context[0].user) {
		printk(KERN_ERR "security: SID %s was never "
		printk(KERN_ERR "SELinux: SID %s was never "
		"defined.\n", c->u.name);
		rc = -EINVAL;
		goto out;
		}
		if (sidtab_insert(s, c->sid[0], &c->context[0])) {
		printk(KERN_ERR "security: unable to load initial "
		printk(KERN_ERR "SELinux: unable to load initial "
		"SID %s.\n", c->u.name);
		rc = -EINVAL;
		goto out;
		@@ -809,13 +809,13 @@ static int mls_read_range_helper(struct mls_range r, void fp)

		items = le32_to_cpu(buf[0]);
		if (items > ARRAY_SIZE(buf)) {
		printk(KERN_ERR "security: mls: range overflow\n");
		printk(KERN_ERR "SELinux: mls: range overflow\n");
		rc = -EINVAL;
		goto out;
		}
		rc = next_entry(buf, fp, sizeof(u32) * items);
		if (rc < 0) {
		printk(KERN_ERR "security: mls: truncated range\n");
		printk(KERN_ERR "SELinux: mls: truncated range\n");
		goto out;
		}
		r->level[0].sens = le32_to_cpu(buf[0]);
		@@ -826,21 +826,21 @@ static int mls_read_range_helper(struct mls_range r, void fp)

		rc = ebitmap_read(&r->level[0].cat, fp);
		if (rc) {
		printk(KERN_ERR "security: mls: error reading low "
		printk(KERN_ERR "SELinux: mls: error reading low "
		"categories\n");
		goto out;
		}
		if (items > 1) {
		rc = ebitmap_read(&r->level[1].cat, fp);
		if (rc) {
		printk(KERN_ERR "security: mls: error reading high "
		printk(KERN_ERR "SELinux: mls: error reading high "
		"categories\n");
		goto bad_high;
		}
		} else {
		rc = ebitmap_cpy(&r->level[1].cat, &r->level[0].cat);
		if (rc) {
		printk(KERN_ERR "security: mls: out of memory\n");
		printk(KERN_ERR "SELinux: mls: out of memory\n");
		goto bad_high;
		}
		}
		@@ -866,7 +866,7 @@ static int context_read_and_validate(struct context *c,

		rc = next_entry(buf, fp, sizeof buf);
		if (rc < 0) {
		printk(KERN_ERR "security: context truncated\n");
		printk(KERN_ERR "SELinux: context truncated\n");
		goto out;
		}
		c->user = le32_to_cpu(buf[0]);
		@@ -874,7 +874,7 @@ static int context_read_and_validate(struct context *c,
		c->type = le32_to_cpu(buf[2]);
		if (p->policyvers >= POLICYDB_VERSION_MLS) {
		if (mls_read_range_helper(&c->range, fp)) {
		printk(KERN_ERR "security: error reading MLS range of "
		printk(KERN_ERR "SELinux: error reading MLS range of "
		"context\n");
		rc = -EINVAL;
		goto out;
		@@ -882,7 +882,7 @@ static int context_read_and_validate(struct context *c,
		}

		if (!policydb_context_isvalid(p, c)) {
		printk(KERN_ERR "security: invalid security context\n");
		printk(KERN_ERR "SELinux: invalid security context\n");
		context_destroy(c);
		rc = -EINVAL;
		}
		@@ -1128,7 +1128,7 @@ static int class_read(struct policydb p, struct hashtab h, void *fp)
		cladatum->comdatum = hashtab_search(p->p_commons.table,
		cladatum->comkey);
		if (!cladatum->comdatum) {
		printk(KERN_ERR "security: unknown common %s\n",
		printk(KERN_ERR "SELinux: unknown common %s\n",
		cladatum->comkey);
		rc = -EINVAL;
		goto bad;
		@@ -1283,13 +1283,13 @@ static int mls_read_level(struct mls_level lp, void fp)

		rc = next_entry(buf, fp, sizeof buf);
		if (rc < 0) {
		printk(KERN_ERR "security: mls: truncated level\n");
		printk(KERN_ERR "SELinux: mls: truncated level\n");
		goto bad;
		}
		lp->sens = le32_to_cpu(buf[0]);

		if (ebitmap_read(&lp->cat, fp)) {
		printk(KERN_ERR "security: mls: error reading level "
		printk(KERN_ERR "SELinux: mls: error reading level "
		"categories\n");
		goto bad;
		}
		@@ -1491,7 +1491,7 @@ int policydb_read(struct policydb p, void fp)
		goto bad;

		if (le32_to_cpu(buf[0]) != POLICYDB_MAGIC) {
		printk(KERN_ERR "security: policydb magic number 0x%x does "
		printk(KERN_ERR "SELinux: policydb magic number 0x%x does "
		"not match expected magic number 0x%x\n",
		le32_to_cpu(buf[0]), POLICYDB_MAGIC);
		goto bad;
		@@ -1499,27 +1499,27 @@ int policydb_read(struct policydb p, void fp)

		len = le32_to_cpu(buf[1]);
		if (len != strlen(POLICYDB_STRING)) {
		printk(KERN_ERR "security: policydb string length %d does not "
		printk(KERN_ERR "SELinux: policydb string length %d does not "
		"match expected length %Zu\n",
		len, strlen(POLICYDB_STRING));
		goto bad;
		}
		policydb_str = kmalloc(len + 1,GFP_KERNEL);
		if (!policydb_str) {
		printk(KERN_ERR "security: unable to allocate memory for policydb "
		printk(KERN_ERR "SELinux: unable to allocate memory for policydb "
		"string of length %d\n", len);
		rc = -ENOMEM;
		goto bad;
		}
		rc = next_entry(policydb_str, fp, len);
		if (rc < 0) {
		printk(KERN_ERR "security: truncated policydb string identifier\n");
		printk(KERN_ERR "SELinux: truncated policydb string identifier\n");
		kfree(policydb_str);
		goto bad;
		}
		policydb_str[len] = 0;
		if (strcmp(policydb_str, POLICYDB_STRING)) {
		printk(KERN_ERR "security: policydb string %s does not match "
		printk(KERN_ERR "SELinux: policydb string %s does not match "
		"my string %s\n", policydb_str, POLICYDB_STRING);
		kfree(policydb_str);
		goto bad;
		@@ -1536,7 +1536,7 @@ int policydb_read(struct policydb p, void fp)
		p->policyvers = le32_to_cpu(buf[0]);
		if (p->policyvers < POLICYDB_VERSION_MIN \|\|
		p->policyvers > POLICYDB_VERSION_MAX) {
		printk(KERN_ERR "security: policydb version %d does not match "
		printk(KERN_ERR "SELinux: policydb version %d does not match "
		"my version range %d-%d\n",
		le32_to_cpu(buf[0]), POLICYDB_VERSION_MIN, POLICYDB_VERSION_MAX);
		goto bad;
		@@ -1572,14 +1572,14 @@ int policydb_read(struct policydb p, void fp)

		info = policydb_lookup_compat(p->policyvers);
		if (!info) {
		printk(KERN_ERR "security: unable to find policy compat info "
		printk(KERN_ERR "SELinux: unable to find policy compat info "
		"for version %d\n", p->policyvers);
		goto bad;
		}

		if (le32_to_cpu(buf[2]) != info->sym_num \|\|
		le32_to_cpu(buf[3]) != info->ocon_num) {
		printk(KERN_ERR "security: policydb table sizes (%d,%d) do "
		printk(KERN_ERR "SELinux: policydb table sizes (%d,%d) do "
		"not match mine (%d,%d)\n", le32_to_cpu(buf[2]),
		le32_to_cpu(buf[3]),
		info->sym_num, info->ocon_num);
		@@ -1823,7 +1823,7 @@ int policydb_read(struct policydb p, void fp)
		for (genfs_p = NULL, genfs = p->genfs; genfs;
		genfs_p = genfs, genfs = genfs->next) {
		if (strcmp(newgenfs->fstype, genfs->fstype) == 0) {
		printk(KERN_ERR "security: dup genfs "
		printk(KERN_ERR "SELinux: dup genfs "
		"fstype %s\n", newgenfs->fstype);
		kfree(newgenfs->fstype);
		kfree(newgenfs);
		@@ -1873,7 +1873,7 @@ int policydb_read(struct policydb p, void fp)
		if (!strcmp(newc->u.name, c->u.name) &&
		(!c->v.sclass \|\| !newc->v.sclass \|\|
		newc->v.sclass == c->v.sclass)) {
		printk(KERN_ERR "security: dup genfs "
		printk(KERN_ERR "SELinux: dup genfs "
		"entry (%s,%s)\n",
		newgenfs->fstype, c->u.name);
		goto bad_newc;
		@@ -1931,7 +1931,7 @@ int policydb_read(struct policydb p, void fp)
		if (rc)
		goto bad;
		if (!mls_range_isvalid(p, &rt->target_range)) {
		printk(KERN_WARNING "security: rangetrans: invalid range\n");
		printk(KERN_WARNING "SELinux: rangetrans: invalid range\n");
		goto bad;
		}
		lrt = rt;

security/selinux/ss/services.c

+14 −14

Original line number	Diff line number	Diff line
		@@ -1096,7 +1096,7 @@ static int validate_classes(struct policydb *p)
		continue;
		if (i > p->p_classes.nprim) {
		printk(KERN_INFO
		"security: class %s not defined in policy\n",
		"SELinux: class %s not defined in policy\n",
		def_class);
		if (p->reject_unknown)
		return -EINVAL;
		@@ -1107,7 +1107,7 @@ static int validate_classes(struct policydb *p)
		pol_class = p->p_class_val_to_name[i-1];
		if (strcmp(pol_class, def_class)) {
		printk(KERN_ERR
		"security: class %d is incorrect, found %s but should be %s\n",
		"SELinux: class %d is incorrect, found %s but should be %s\n",
		i, pol_class, def_class);
		return -EINVAL;
		}
		@@ -1125,7 +1125,7 @@ static int validate_classes(struct policydb *p)
		nprim = 1 << (perms->nprim - 1);
		if (perm_val > nprim) {
		printk(KERN_INFO
		"security: permission %s in class %s not defined in policy\n",
		"SELinux: permission %s in class %s not defined in policy\n",
		def_perm, pol_class);
		if (p->reject_unknown)
		return -EINVAL;
		@@ -1136,14 +1136,14 @@ static int validate_classes(struct policydb *p)
		perdatum = hashtab_search(perms->table, def_perm);
		if (perdatum == NULL) {
		printk(KERN_ERR
		"security: permission %s in class %s not found in policy, bad policy\n",
		"SELinux: permission %s in class %s not found in policy, bad policy\n",
		def_perm, pol_class);
		return -EINVAL;
		}
		pol_val = 1 << (perdatum->value - 1);
		if (pol_val != perm_val) {
		printk(KERN_ERR
		"security: permission %s in class %s has incorrect value\n",
		"SELinux: permission %s in class %s has incorrect value\n",
		def_perm, pol_class);
		return -EINVAL;
		}
		@@ -1157,7 +1157,7 @@ static int validate_classes(struct policydb *p)
		BUG_ON(!cladatum);
		if (!cladatum->comdatum) {
		printk(KERN_ERR
		"security: class %s should have an inherits clause but does not\n",
		"SELinux: class %s should have an inherits clause but does not\n",
		pol_class);
		return -EINVAL;
		}
		@@ -1172,7 +1172,7 @@ static int validate_classes(struct policydb *p)
		def_perm = kdefs->av_inherit[i].common_pts[j];
		if (j >= perms->nprim) {
		printk(KERN_INFO
		"security: permission %s in class %s not defined in policy\n",
		"SELinux: permission %s in class %s not defined in policy\n",
		def_perm, pol_class);
		if (p->reject_unknown)
		return -EINVAL;
		@@ -1183,13 +1183,13 @@ static int validate_classes(struct policydb *p)
		perdatum = hashtab_search(perms->table, def_perm);
		if (perdatum == NULL) {
		printk(KERN_ERR
		"security: permission %s in class %s not found in policy, bad policy\n",
		"SELinux: permission %s in class %s not found in policy, bad policy\n",
		def_perm, pol_class);
		return -EINVAL;
		}
		if (perdatum->value != j + 1) {
		printk(KERN_ERR
		"security: permission %s in class %s has incorrect value\n",
		"SELinux: permission %s in class %s has incorrect value\n",
		def_perm, pol_class);
		return -EINVAL;
		}
		@@ -1219,7 +1219,7 @@ static inline int convert_context_handle_invalid_context(struct context *context
		u32 len;

		context_struct_to_string(context, &s, &len);
		printk(KERN_ERR "security: context %s is invalid\n", s);
		printk(KERN_ERR "SELinux: context %s is invalid\n", s);
		kfree(s);
		}
		return rc;
		@@ -1299,7 +1299,7 @@ static int convert_context(u32 key,
		bad:
		context_struct_to_string(&oldc, &s, &len);
		context_destroy(&oldc);
		printk(KERN_ERR "security: invalidating context %s\n", s);
		printk(KERN_ERR "SELinux: invalidating context %s\n", s);
		kfree(s);
		goto out;
		}
		@@ -1350,7 +1350,7 @@ int security_load_policy(void *data, size_t len)
		/* Verify that the kernel defined classes are correct. */
		if (validate_classes(&policydb)) {
		printk(KERN_ERR
		"security: the definition of a class is incorrect\n");
		"SELinux: the definition of a class is incorrect\n");
		LOAD_UNLOCK;
		sidtab_destroy(&sidtab);
		policydb_destroy(&policydb);
		@@ -1384,14 +1384,14 @@ int security_load_policy(void *data, size_t len)
		/* Verify that the kernel defined classes are correct. */
		if (validate_classes(&newpolicydb)) {
		printk(KERN_ERR
		"security: the definition of a class is incorrect\n");
		"SELinux: the definition of a class is incorrect\n");
		rc = -EINVAL;
		goto err;
		}

		rc = security_preserve_bools(&newpolicydb);
		if (rc) {
		printk(KERN_ERR "security: unable to preserve booleans\n");
		printk(KERN_ERR "SELinux: unable to preserve booleans\n");
		goto err;
		}