From 45189a1998e00f6375ebd49d1e18161acddd73de Mon Sep 17 00:00:00 2001 From: Stephen Smalley Date: Tue, 5 Feb 2019 11:49:32 -0500 Subject: [PATCH] selinux: fix avc audit messages commit a2c513835bb6c6 ("selinux: inline some AVC functions used only once") introduced usage of audit_log_string() in place of audit_log_format() for fixed strings. However, audit_log_string() quotes the string. This breaks the avc audit message format and userspace audit parsers. Switch back to using audit_log_format(). Fixes: a2c513835bb6c6 ("selinux: inline some AVC functions used only once") Signed-off-by: Stephen Smalley Signed-off-by: Paul Moore --- security/selinux/avc.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/security/selinux/avc.c b/security/selinux/avc.c index 33863298a9b5..8346a4f7c5d7 100644 --- a/security/selinux/avc.c +++ b/security/selinux/avc.c @@ -674,13 +674,13 @@ static void avc_audit_pre_callback(struct audit_buffer *ab, void *a) audit_log_format(ab, "avc: %s ", sad->denied ? "denied" : "granted"); if (av == 0) { - audit_log_string(ab, " null"); + audit_log_format(ab, " null"); return; } perms = secclass_map[sad->tclass-1].perms; - audit_log_string(ab, " {"); + audit_log_format(ab, " {"); i = 0; perm = 1; while (i < (sizeof(av) * 8)) { @@ -695,7 +695,7 @@ static void avc_audit_pre_callback(struct audit_buffer *ab, void *a) if (av) audit_log_format(ab, " 0x%x", av); - audit_log_string(ab, " } for "); + audit_log_format(ab, " } for "); } /**