summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorStefan Berger <stefanb@linux.vnet.ibm.com>2018-06-04 22:54:53 +0200
committerMimi Zohar <zohar@linux.vnet.ibm.com>2018-07-18 13:27:22 +0200
commit3d2859d5d4c33b12327764b887039bca15a37e57 (patch)
treeee2692a5da1290d46c0f0d622c382b9bdd6377d0 /security
parentima: Call audit_log_string() rather than logging it untrusted (diff)
downloadlinux-3d2859d5d4c33b12327764b887039bca15a37e57.tar.xz
linux-3d2859d5d4c33b12327764b887039bca15a37e57.zip
ima: Use audit_log_format() rather than audit_log_string()
Remove the usage of audit_log_string() and replace it with audit_log_format(). Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Suggested-by: Steve Grubb <sgrubb@redhat.com> Acked-by: Paul Moore <paul@paul-moore.com> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Diffstat (limited to 'security')
-rw-r--r--security/integrity/ima/ima_policy.c3
-rw-r--r--security/integrity/integrity_audit.c6
2 files changed, 2 insertions, 7 deletions
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
index f45768469003..50ead724ba23 100644
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -663,8 +663,7 @@ static void ima_log_string_op(struct audit_buffer *ab, char *key, char *value,
audit_log_format(ab, "%s<", key);
else
audit_log_format(ab, "%s=", key);
- audit_log_string(ab, value);
- audit_log_format(ab, " ");
+ audit_log_format(ab, "%s ", value);
}
static void ima_log_string(struct audit_buffer *ab, char *key, char *value)
{
diff --git a/security/integrity/integrity_audit.c b/security/integrity/integrity_audit.c
index ab10a25310a1..82c98f7d217e 100644
--- a/security/integrity/integrity_audit.c
+++ b/security/integrity/integrity_audit.c
@@ -45,11 +45,7 @@ void integrity_audit_msg(int audit_msgno, struct inode *inode,
from_kuid(&init_user_ns, audit_get_loginuid(current)),
audit_get_sessionid(current));
audit_log_task_context(ab);
- audit_log_format(ab, " op=");
- audit_log_string(ab, op);
- audit_log_format(ab, " cause=");
- audit_log_string(ab, cause);
- audit_log_format(ab, " comm=");
+ audit_log_format(ab, " op=%s cause=%s comm=", op, cause);
audit_log_untrustedstring(ab, get_task_comm(name, current));
if (fname) {
audit_log_format(ab, " name=");