Commit d81165919ebf6e1cb9eeb612150f9287ad414659
Committed by
Al Viro
Al Viro
1 parent
939cbf260c
Exists in
master
and in
20 other branches
lsm: Use a compressed IPv6 string format in audit events
Currently the audit subsystem prints uncompressed IPv6 addresses which not
only differs from common usage but also results in ridiculously large audit
strings which is not a good thing. This patch fixes this by simply converting
audit to always print compressed IPv6 addresses.
Old message example:
audit(1253576792.161:30): avc: denied { ingress } for
saddr=0000:0000:0000:0000:0000:0000:0000:0001 src=5000
daddr=0000:0000:0000:0000:0000:0000:0000:0001 dest=35502 netif=lo
scontext=system_u:object_r:unlabeled_t:s15:c0.c1023
tcontext=system_u:object_r:lo_netif_t:s0-s15:c0.c1023 tclass=netif
New message example:
audit(1253576792.161:30): avc: denied { ingress } for
saddr=::1 src=5000 daddr=::1 dest=35502 netif=lo
scontext=system_u:object_r:unlabeled_t:s15:c0.c1023
tcontext=system_u:object_r:lo_netif_t:s0-s15:c0.c1023 tclass=netif
Signed-off-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Showing 1 changed file with 1 additions and 1 deletions Side-by-side Diff
security/lsm_audit.c
| ... | ... | @@ -187,7 +187,7 @@ |
| 187 | 187 | char *name1, char *name2) |
| 188 | 188 | { |
| 189 | 189 | if (!ipv6_addr_any(addr)) |
| 190 | - audit_log_format(ab, " %s=%pI6", name1, addr); | |
| 190 | + audit_log_format(ab, " %s=%pI6c", name1, addr); | |
| 191 | 191 | if (port) |
| 192 | 192 | audit_log_format(ab, " %s=%d", name2, ntohs(port)); |
| 193 | 193 | } |