From: Stephen Smalley Date: Tue, 5 Feb 2019 16:49:32 +0000 (-0500) Subject: selinux: fix avc audit messages X-Git-Tag: v5.1-rc1~131^2 X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=45189a1998e00f6375ebd49d1e18161acddd73de;p=users%2Fgriffoul%2Flinux.git selinux: fix avc audit messages commit a2c513835bb6c6 ("selinux: inline some AVC functions used only once") introduced usage of audit_log_string() in place of audit_log_format() for fixed strings. However, audit_log_string() quotes the string. This breaks the avc audit message format and userspace audit parsers. Switch back to using audit_log_format(). Fixes: a2c513835bb6c6 ("selinux: inline some AVC functions used only once") Signed-off-by: Stephen Smalley Signed-off-by: Paul Moore --- diff --git a/security/selinux/avc.c b/security/selinux/avc.c index 33863298a9b5..8346a4f7c5d7 100644 --- a/security/selinux/avc.c +++ b/security/selinux/avc.c @@ -674,13 +674,13 @@ static void avc_audit_pre_callback(struct audit_buffer *ab, void *a) audit_log_format(ab, "avc: %s ", sad->denied ? "denied" : "granted"); if (av == 0) { - audit_log_string(ab, " null"); + audit_log_format(ab, " null"); return; } perms = secclass_map[sad->tclass-1].perms; - audit_log_string(ab, " {"); + audit_log_format(ab, " {"); i = 0; perm = 1; while (i < (sizeof(av) * 8)) { @@ -695,7 +695,7 @@ static void avc_audit_pre_callback(struct audit_buffer *ab, void *a) if (av) audit_log_format(ab, " 0x%x", av); - audit_log_string(ab, " } for "); + audit_log_format(ab, " } for "); } /**