Commit 4093a8443941d7021c7f747474a87a56cf666270
Committed by
Paul Moore
1 parent
e173fb2646
Exists in
ti-lsk-linux-4.1.y
and in
10 other branches
selinux: normalize audit log formatting
Restructure to keyword=value pairs without spaces. Drop superfluous words in text. Make invalid_context a keyword. Change result= keyword to seresult=. Signed-off-by: Richard Guy Briggs <rgb@redhat.com> [Minor rewrite to the patch subject line] Signed-off-by: Paul Moore <pmoore@redhat.com>
Showing 1 changed file with 8 additions and 6 deletions Side-by-side Diff
security/selinux/ss/services.c
... | ... | @@ -728,7 +728,7 @@ |
728 | 728 | if (context_struct_to_string(tcontext, &t, &tlen)) |
729 | 729 | goto out; |
730 | 730 | audit_log(current->audit_context, GFP_ATOMIC, AUDIT_SELINUX_ERR, |
731 | - "security_validate_transition: denied for" | |
731 | + "op=security_validate_transition seresult=denied" | |
732 | 732 | " oldcontext=%s newcontext=%s taskcontext=%s tclass=%s", |
733 | 733 | o, n, t, sym_name(&policydb, SYM_CLASSES, tclass-1)); |
734 | 734 | out: |
... | ... | @@ -877,7 +877,7 @@ |
877 | 877 | audit_log(current->audit_context, |
878 | 878 | GFP_ATOMIC, AUDIT_SELINUX_ERR, |
879 | 879 | "op=security_bounded_transition " |
880 | - "result=denied " | |
880 | + "seresult=denied " | |
881 | 881 | "oldcontext=%s newcontext=%s", |
882 | 882 | old_name, new_name); |
883 | 883 | } |
... | ... | @@ -1351,8 +1351,8 @@ |
1351 | 1351 | if (context_struct_to_string(newcontext, &n, &nlen)) |
1352 | 1352 | goto out; |
1353 | 1353 | audit_log(current->audit_context, GFP_ATOMIC, AUDIT_SELINUX_ERR, |
1354 | - "security_compute_sid: invalid context %s" | |
1355 | - " for scontext=%s" | |
1354 | + "op=security_compute_sid invalid_context=%s" | |
1355 | + " scontext=%s" | |
1356 | 1356 | " tcontext=%s" |
1357 | 1357 | " tclass=%s", |
1358 | 1358 | n, s, t, sym_name(&policydb, SYM_CLASSES, tclass-1)); |
... | ... | @@ -2607,8 +2607,10 @@ |
2607 | 2607 | rc = convert_context_handle_invalid_context(&newcon); |
2608 | 2608 | if (rc) { |
2609 | 2609 | if (!context_struct_to_string(&newcon, &s, &len)) { |
2610 | - audit_log(current->audit_context, GFP_ATOMIC, AUDIT_SELINUX_ERR, | |
2611 | - "security_sid_mls_copy: invalid context %s", s); | |
2610 | + audit_log(current->audit_context, | |
2611 | + GFP_ATOMIC, AUDIT_SELINUX_ERR, | |
2612 | + "op=security_sid_mls_copy " | |
2613 | + "invalid_context=%s", s); | |
2612 | 2614 | kfree(s); |
2613 | 2615 | } |
2614 | 2616 | goto out_unlock; |