diff options
author | Stephen Smalley <sds@tycho.nsa.gov> | 2019-02-05 17:49:32 +0100 |
---|---|---|
committer | Paul Moore <paul@paul-moore.com> | 2019-02-05 18:34:33 +0100 |
commit | 45189a1998e00f6375ebd49d1e18161acddd73de (patch) | |
tree | a73db80ede5b0a2607ddf8b158399a0c5e2a473e /security | |
parent | selinux: replace BUG_ONs with WARN_ONs in avc.c (diff) | |
download | linux-45189a1998e00f6375ebd49d1e18161acddd73de.tar.xz linux-45189a1998e00f6375ebd49d1e18161acddd73de.zip |
selinux: fix avc audit messages
commit a2c513835bb6c6 ("selinux: inline some AVC functions used only once")
introduced usage of audit_log_string() in place of audit_log_format()
for fixed strings. However, audit_log_string() quotes the string.
This breaks the avc audit message format and userspace audit parsers.
Switch back to using audit_log_format().
Fixes: a2c513835bb6c6 ("selinux: inline some AVC functions used only once")
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'security')
-rw-r--r-- | security/selinux/avc.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/security/selinux/avc.c b/security/selinux/avc.c index 33863298a9b5..8346a4f7c5d7 100644 --- a/security/selinux/avc.c +++ b/security/selinux/avc.c @@ -674,13 +674,13 @@ static void avc_audit_pre_callback(struct audit_buffer *ab, void *a) audit_log_format(ab, "avc: %s ", sad->denied ? "denied" : "granted"); if (av == 0) { - audit_log_string(ab, " null"); + audit_log_format(ab, " null"); return; } perms = secclass_map[sad->tclass-1].perms; - audit_log_string(ab, " {"); + audit_log_format(ab, " {"); i = 0; perm = 1; while (i < (sizeof(av) * 8)) { @@ -695,7 +695,7 @@ static void avc_audit_pre_callback(struct audit_buffer *ab, void *a) if (av) audit_log_format(ab, " 0x%x", av); - audit_log_string(ab, " } for "); + audit_log_format(ab, " } for "); } /** |