selinux: fix avc audit messages

commit a2c513835bb6c6 ("selinux: inline some AVC functions used only once") introduced usage of audit_log_string() in place of audit_log_format() for fixed strings. However, audit_log_string() quotes the string. This breaks the avc audit message format and userspace audit parsers. Switch back to using audit_log_format(). Fixes: a2c513835bb6c6 ("selinux: inline some AVC functions used only once") Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Paul Moore <paul@paul-moore.com>
author: Stephen Smalley <sds@tycho.nsa.gov> 2019-02-05 11:49:32 -0500
committer: Paul Moore <paul@paul-moore.com> 2019-02-05 12:34:33 -0500
commit: 45189a1998e00f6375ebd49d1e18161acddd73de (patch)
tree: a73db80ede5b0a2607ddf8b158399a0c5e2a473e
parent: e6f2f381e4015386a656a369835f949c26000e6b (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/security/selinux/avc.c b/security/selinux/avc.c
index 33863298a9b5..8346a4f7c5d7 100644
--- a/security/selinux/avc.c
+++ b/security/selinux/avc.c
@@ -674,13 +674,13 @@ static void avc_audit_pre_callback(struct audit_buffer *ab, void *a)
        audit_log_format(ab, "avc:  %s ", sad->denied ? "denied" : "granted");
        if (av == 0) {
-                audit_log_string(ab, " null");
+                audit_log_format(ab, " null");
                return;
        }
        perms = secclass_map[sad->tclass-1].perms;
-        audit_log_string(ab, " {");
+        audit_log_format(ab, " {");
        i = 0;
        perm = 1;
        while (i < (sizeof(av) * 8)) {
@@ -695,7 +695,7 @@ static void avc_audit_pre_callback(struct audit_buffer *ab, void *a)
        if (av)
                audit_log_format(ab, " 0x%x", av);
-        audit_log_string(ab, " } for ");
+        audit_log_format(ab, " } for ");
 }
 /**
author	Stephen Smalley <sds@tycho.nsa.gov>	2019-02-05 11:49:32 -0500
committer	Paul Moore <paul@paul-moore.com>	2019-02-05 12:34:33 -0500
commit	45189a1998e00f6375ebd49d1e18161acddd73de (patch)
tree	a73db80ede5b0a2607ddf8b158399a0c5e2a473e
parent	e6f2f381e4015386a656a369835f949c26000e6b (diff)

diff --git a/security/selinux/avc.c b/security/selinux/avc.c index 33863298a9b5..8346a4f7c5d7 100644 --- a/security/selinux/avc.c +++ b/security/selinux/avc.c
@@ -674,13 +674,13 @@ static void avc_audit_pre_callback(struct audit_buffer ab, void a)
674	audit_log_format(ab, "avc: %s ", sad->denied ? "denied" : "granted");	674	audit_log_format(ab, "avc: %s ", sad->denied ? "denied" : "granted");
675		675
676	if (av == 0) {	676	if (av == 0) {
677	audit_log_string(ab, " null");	677	audit_log_format(ab, " null");
678	return;	678	return;
679	}	679	}
680		680
681	perms = secclass_map[sad->tclass-1].perms;	681	perms = secclass_map[sad->tclass-1].perms;
682		682
683	audit_log_string(ab, " {");	683	audit_log_format(ab, " {");
684	i = 0;	684	i = 0;
685	perm = 1;	685	perm = 1;
686	while (i < (sizeof(av) * 8)) {	686	while (i < (sizeof(av) * 8)) {
@@ -695,7 +695,7 @@ static void avc_audit_pre_callback(struct audit_buffer ab, void a)
695	if (av)	695	if (av)
696	audit_log_format(ab, " 0x%x", av);	696	audit_log_format(ab, " 0x%x", av);
697		697
698	audit_log_string(ab, " } for ");	698	audit_log_format(ab, " } for ");
699	}	699	}
700		700
701	/**	701	/**