* [PATCH] selinux: services: cleanup orphan keywords in audit log text
@ 2014-09-19 0:47 Richard Guy Briggs
2014-09-22 21:11 ` Paul Moore
0 siblings, 1 reply; 2+ messages in thread
From: Richard Guy Briggs @ 2014-09-19 0:47 UTC (permalink / raw)
To: linux-security-module, selinux, linux-audit, linux-kernel
Cc: Richard Guy Briggs, pmoore, eparis, sgrubb
Restructure to keyword=value pairs without spaces. Drop superfluous words in
text. Make invalid_context a keyword. Change result= keyword to seresult=.
Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
---
security/selinux/ss/services.c | 14 ++++++++------
1 files changed, 8 insertions(+), 6 deletions(-)
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index 4bca494..e822910 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -728,7 +728,7 @@ static int security_validtrans_handle_fail(struct context *ocontext,
if (context_struct_to_string(tcontext, &t, &tlen))
goto out;
audit_log(current->audit_context, GFP_ATOMIC, AUDIT_SELINUX_ERR,
- "security_validate_transition: denied for"
+ "op=security_validate_transition seresult=denied"
" oldcontext=%s newcontext=%s taskcontext=%s tclass=%s",
o, n, t, sym_name(&policydb, SYM_CLASSES, tclass-1));
out:
@@ -877,7 +877,7 @@ int security_bounded_transition(u32 old_sid, u32 new_sid)
audit_log(current->audit_context,
GFP_ATOMIC, AUDIT_SELINUX_ERR,
"op=security_bounded_transition "
- "result=denied "
+ "seresult=denied "
"oldcontext=%s newcontext=%s",
old_name, new_name);
}
@@ -1351,8 +1351,8 @@ static int compute_sid_handle_invalid_context(
if (context_struct_to_string(newcontext, &n, &nlen))
goto out;
audit_log(current->audit_context, GFP_ATOMIC, AUDIT_SELINUX_ERR,
- "security_compute_sid: invalid context %s"
- " for scontext=%s"
+ "op=security_compute_sid invalid_context=%s"
+ " scontext=%s"
" tcontext=%s"
" tclass=%s",
n, s, t, sym_name(&policydb, SYM_CLASSES, tclass-1));
@@ -2584,8 +2584,10 @@ int security_sid_mls_copy(u32 sid, u32 mls_sid, u32 *new_sid)
rc = convert_context_handle_invalid_context(&newcon);
if (rc) {
if (!context_struct_to_string(&newcon, &s, &len)) {
- audit_log(current->audit_context, GFP_ATOMIC, AUDIT_SELINUX_ERR,
- "security_sid_mls_copy: invalid context %s", s);
+ audit_log(current->audit_context,
+ GFP_ATOMIC, AUDIT_SELINUX_ERR,
+ "op=security_sid_mls_copy "
+ "invalid_context=%s", s);
kfree(s);
}
goto out_unlock;
--
1.7.1
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] selinux: services: cleanup orphan keywords in audit log text
2014-09-19 0:47 [PATCH] selinux: services: cleanup orphan keywords in audit log text Richard Guy Briggs
@ 2014-09-22 21:11 ` Paul Moore
0 siblings, 0 replies; 2+ messages in thread
From: Paul Moore @ 2014-09-22 21:11 UTC (permalink / raw)
To: Richard Guy Briggs
Cc: linux-security-module, selinux, linux-audit, linux-kernel,
eparis, sgrubb
On Thursday, September 18, 2014 08:47:48 PM Richard Guy Briggs wrote:
> Restructure to keyword=value pairs without spaces. Drop superfluous words
> in text. Make invalid_context a keyword. Change result= keyword to
> seresult=.
>
> Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
> ---
> security/selinux/ss/services.c | 14 ++++++++------
> 1 files changed, 8 insertions(+), 6 deletions(-)
Applied with a minor rewrite to the subject line.
> diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
> index 4bca494..e822910 100644
> --- a/security/selinux/ss/services.c
> +++ b/security/selinux/ss/services.c
> @@ -728,7 +728,7 @@ static int security_validtrans_handle_fail(struct
> context *ocontext, if (context_struct_to_string(tcontext, &t, &tlen))
> goto out;
> audit_log(current->audit_context, GFP_ATOMIC, AUDIT_SELINUX_ERR,
> - "security_validate_transition: denied for"
> + "op=security_validate_transition seresult=denied"
> " oldcontext=%s newcontext=%s taskcontext=%s tclass=%s",
> o, n, t, sym_name(&policydb, SYM_CLASSES, tclass-1));
> out:
> @@ -877,7 +877,7 @@ int security_bounded_transition(u32 old_sid, u32
> new_sid) audit_log(current->audit_context,
> GFP_ATOMIC, AUDIT_SELINUX_ERR,
> "op=security_bounded_transition "
> - "result=denied "
> + "seresult=denied "
> "oldcontext=%s newcontext=%s",
> old_name, new_name);
> }
> @@ -1351,8 +1351,8 @@ static int compute_sid_handle_invalid_context(
> if (context_struct_to_string(newcontext, &n, &nlen))
> goto out;
> audit_log(current->audit_context, GFP_ATOMIC, AUDIT_SELINUX_ERR,
> - "security_compute_sid: invalid context %s"
> - " for scontext=%s"
> + "op=security_compute_sid invalid_context=%s"
> + " scontext=%s"
> " tcontext=%s"
> " tclass=%s",
> n, s, t, sym_name(&policydb, SYM_CLASSES, tclass-1));
> @@ -2584,8 +2584,10 @@ int security_sid_mls_copy(u32 sid, u32 mls_sid, u32
> *new_sid) rc = convert_context_handle_invalid_context(&newcon);
> if (rc) {
> if (!context_struct_to_string(&newcon, &s, &len)) {
> - audit_log(current->audit_context, GFP_ATOMIC,
AUDIT_SELINUX_ERR,
> - "security_sid_mls_copy: invalid context %s", s);
> + audit_log(current->audit_context,
> + GFP_ATOMIC, AUDIT_SELINUX_ERR,
> + "op=security_sid_mls_copy "
> + "invalid_context=%s", s);
> kfree(s);
> }
> goto out_unlock;
--
paul moore
security and virtualization @ redhat
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2014-09-22 21:11 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-09-19 0:47 [PATCH] selinux: services: cleanup orphan keywords in audit log text Richard Guy Briggs
2014-09-22 21:11 ` Paul Moore
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).