selinux: normalize audit log formatting

Restructure to keyword=value pairs without spaces. Drop superfluous words in text. Make invalid_context a keyword. Change result= keyword to seresult=. Signed-off-by: Richard Guy Briggs <rgb@redhat.com> [Minor rewrite to the patch subject line] Signed-off-by: Paul Moore <pmoore@redhat.com>

selinux: normalize audit log formatting
Restructure to keyword=value pairs without spaces. Drop superfluous words in text. Make invalid_context a keyword. Change result= keyword to seresult=. Signed-off-by: Richard Guy Briggs <rgb@redhat.com> [Minor rewrite to the patch subject line] Signed-off-by: Paul Moore <pmoore@redhat.com>
Richard Guy Briggs · Paul Moore
1 parent e173fb2646
Showing 1 changed file with 8 additions and 6 deletions Side-by-side Diff
security/selinux/ss/services.c
@@ -728,7 +728,7 @@
 	if (context_struct_to_string(tcontext, &t, &tlen))
 		goto out;
 	audit_log(current->audit_context, GFP_ATOMIC, AUDIT_SELINUX_ERR,
-		  "security_validate_transition:  denied for"
+		  "op=security_validate_transition seresult=denied"
 		  " oldcontext=%s newcontext=%s taskcontext=%s tclass=%s",
 		  o, n, t, sym_name(&policydb, SYM_CLASSES, tclass-1));
 out:
@@ -877,7 +877,7 @@
 			audit_log(current->audit_context,
 				  GFP_ATOMIC, AUDIT_SELINUX_ERR,
 				  "op=security_bounded_transition "
-				  "result=denied "
+				  "seresult=denied "
 				  "oldcontext=%s newcontext=%s",
 				  old_name, new_name);
 		}
@@ -1351,8 +1351,8 @@
 	if (context_struct_to_string(newcontext, &n, &nlen))
 		goto out;
 	audit_log(current->audit_context, GFP_ATOMIC, AUDIT_SELINUX_ERR,
-		  "security_compute_sid:  invalid context %s"
-		  " for scontext=%s"
+		  "op=security_compute_sid invalid_context=%s"
+		  " scontext=%s"
 		  " tcontext=%s"
 		  " tclass=%s",
 		  n, s, t, sym_name(&policydb, SYM_CLASSES, tclass-1));
@@ -2607,8 +2607,10 @@
 		rc = convert_context_handle_invalid_context(&newcon);
 		if (rc) {
 			if (!context_struct_to_string(&newcon, &s, &len)) {
-				audit_log(current->audit_context, GFP_ATOMIC, AUDIT_SELINUX_ERR,
-					  "security_sid_mls_copy: invalid context %s", s);
+				audit_log(current->audit_context,
+					  GFP_ATOMIC, AUDIT_SELINUX_ERR,
+					  "op=security_sid_mls_copy "
+					  "invalid_context=%s", s);
 				kfree(s);
 			}
 			goto out_unlock;
...	...	@@ -728,7 +728,7 @@
728	728	if (context_struct_to_string(tcontext, &t, &tlen))
729	729	goto out;
730	730	audit_log(current->audit_context, GFP_ATOMIC, AUDIT_SELINUX_ERR,
731		- "security_validate_transition: denied for"
	731	+ "op=security_validate_transition seresult=denied"
732	732	" oldcontext=%s newcontext=%s taskcontext=%s tclass=%s",
733	733	o, n, t, sym_name(&policydb, SYM_CLASSES, tclass-1));
734	734	out:
...	...	@@ -877,7 +877,7 @@
877	877	audit_log(current->audit_context,
878	878	GFP_ATOMIC, AUDIT_SELINUX_ERR,
879	879	"op=security_bounded_transition "
880		- "result=denied "
	880	+ "seresult=denied "
881	881	"oldcontext=%s newcontext=%s",
882	882	old_name, new_name);
883	883	}
...	...	@@ -1351,8 +1351,8 @@
1351	1351	if (context_struct_to_string(newcontext, &n, &nlen))
1352	1352	goto out;
1353	1353	audit_log(current->audit_context, GFP_ATOMIC, AUDIT_SELINUX_ERR,
1354		- "security_compute_sid: invalid context %s"
1355		- " for scontext=%s"
	1354	+ "op=security_compute_sid invalid_context=%s"
	1355	+ " scontext=%s"
1356	1356	" tcontext=%s"
1357	1357	" tclass=%s",
1358	1358	n, s, t, sym_name(&policydb, SYM_CLASSES, tclass-1));
...	...	@@ -2607,8 +2607,10 @@
2607	2607	rc = convert_context_handle_invalid_context(&newcon);
2608	2608	if (rc) {
2609	2609	if (!context_struct_to_string(&newcon, &s, &len)) {
2610		- audit_log(current->audit_context, GFP_ATOMIC, AUDIT_SELINUX_ERR,
2611		- "security_sid_mls_copy: invalid context %s", s);
	2610	+ audit_log(current->audit_context,
	2611	+ GFP_ATOMIC, AUDIT_SELINUX_ERR,
	2612	+ "op=security_sid_mls_copy "
	2613	+ "invalid_context=%s", s);
2612	2614	kfree(s);
2613	2615	}
2614	2616	goto out_unlock;