diff options
author | Richard Guy Briggs <rgb@redhat.com> | 2014-09-18 20:47:48 -0400 |
---|---|---|
committer | Paul Moore <pmoore@redhat.com> | 2014-09-22 17:02:10 -0400 |
commit | 4093a8443941d7021c7f747474a87a56cf666270 (patch) | |
tree | 46febf759a27726f3807e4219b780174ae94283c /security | |
parent | e173fb2646a832b424c80904c306b816760ce477 (diff) | |
download | op-kernel-dev-4093a8443941d7021c7f747474a87a56cf666270.zip op-kernel-dev-4093a8443941d7021c7f747474a87a56cf666270.tar.gz |
selinux: normalize audit log formatting
Restructure to keyword=value pairs without spaces. Drop superfluous words in
text. Make invalid_context a keyword. Change result= keyword to seresult=.
Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
[Minor rewrite to the patch subject line]
Signed-off-by: Paul Moore <pmoore@redhat.com>
Diffstat (limited to 'security')
-rw-r--r-- | security/selinux/ss/services.c | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 2aa9d17..a1d3944 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -728,7 +728,7 @@ static int security_validtrans_handle_fail(struct context *ocontext, if (context_struct_to_string(tcontext, &t, &tlen)) goto out; audit_log(current->audit_context, GFP_ATOMIC, AUDIT_SELINUX_ERR, - "security_validate_transition: denied for" + "op=security_validate_transition seresult=denied" " oldcontext=%s newcontext=%s taskcontext=%s tclass=%s", o, n, t, sym_name(&policydb, SYM_CLASSES, tclass-1)); out: @@ -877,7 +877,7 @@ int security_bounded_transition(u32 old_sid, u32 new_sid) audit_log(current->audit_context, GFP_ATOMIC, AUDIT_SELINUX_ERR, "op=security_bounded_transition " - "result=denied " + "seresult=denied " "oldcontext=%s newcontext=%s", old_name, new_name); } @@ -1351,8 +1351,8 @@ static int compute_sid_handle_invalid_context( if (context_struct_to_string(newcontext, &n, &nlen)) goto out; audit_log(current->audit_context, GFP_ATOMIC, AUDIT_SELINUX_ERR, - "security_compute_sid: invalid context %s" - " for scontext=%s" + "op=security_compute_sid invalid_context=%s" + " scontext=%s" " tcontext=%s" " tclass=%s", n, s, t, sym_name(&policydb, SYM_CLASSES, tclass-1)); @@ -2607,8 +2607,10 @@ int security_sid_mls_copy(u32 sid, u32 mls_sid, u32 *new_sid) rc = convert_context_handle_invalid_context(&newcon); if (rc) { if (!context_struct_to_string(&newcon, &s, &len)) { - audit_log(current->audit_context, GFP_ATOMIC, AUDIT_SELINUX_ERR, - "security_sid_mls_copy: invalid context %s", s); + audit_log(current->audit_context, + GFP_ATOMIC, AUDIT_SELINUX_ERR, + "op=security_sid_mls_copy " + "invalid_context=%s", s); kfree(s); } goto out_unlock; |