summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorStephen Smalley <sds@tycho.nsa.gov>2019-02-05 17:49:32 +0100
committerPaul Moore <paul@paul-moore.com>2019-02-05 18:34:33 +0100
commit45189a1998e00f6375ebd49d1e18161acddd73de (patch)
treea73db80ede5b0a2607ddf8b158399a0c5e2a473e /security
parentselinux: replace BUG_ONs with WARN_ONs in avc.c (diff)
downloadlinux-45189a1998e00f6375ebd49d1e18161acddd73de.tar.xz
linux-45189a1998e00f6375ebd49d1e18161acddd73de.zip
selinux: fix avc audit messages
commit a2c513835bb6c6 ("selinux: inline some AVC functions used only once") introduced usage of audit_log_string() in place of audit_log_format() for fixed strings. However, audit_log_string() quotes the string. This breaks the avc audit message format and userspace audit parsers. Switch back to using audit_log_format(). Fixes: a2c513835bb6c6 ("selinux: inline some AVC functions used only once") Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'security')
-rw-r--r--security/selinux/avc.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/security/selinux/avc.c b/security/selinux/avc.c
index 33863298a9b5..8346a4f7c5d7 100644
--- a/security/selinux/avc.c
+++ b/security/selinux/avc.c
@@ -674,13 +674,13 @@ static void avc_audit_pre_callback(struct audit_buffer *ab, void *a)
audit_log_format(ab, "avc: %s ", sad->denied ? "denied" : "granted");
if (av == 0) {
- audit_log_string(ab, " null");
+ audit_log_format(ab, " null");
return;
}
perms = secclass_map[sad->tclass-1].perms;
- audit_log_string(ab, " {");
+ audit_log_format(ab, " {");
i = 0;
perm = 1;
while (i < (sizeof(av) * 8)) {
@@ -695,7 +695,7 @@ static void avc_audit_pre_callback(struct audit_buffer *ab, void *a)
if (av)
audit_log_format(ab, " 0x%x", av);
- audit_log_string(ab, " } for ");
+ audit_log_format(ab, " } for ");
}
/**