selinux: fix avc audit messages

commit a2c513835b ("selinux: inline some AVC functions used only once")
introduced usage of audit_log_string() in place of audit_log_format()
for fixed strings.  However, audit_log_string() quotes the string.
This breaks the avc audit message format and userspace audit parsers.
Switch back to using audit_log_format().

Fixes: a2c513835b ("selinux: inline some AVC functions used only once")
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Paul Moore <paul@paul-moore.com>
This commit is contained in:
Stephen Smalley 2019-02-05 11:49:32 -05:00 committed by Paul Moore
parent e6f2f381e4
commit 45189a1998

View File

@ -674,13 +674,13 @@ static void avc_audit_pre_callback(struct audit_buffer *ab, void *a)
audit_log_format(ab, "avc: %s ", sad->denied ? "denied" : "granted");
if (av == 0) {
audit_log_string(ab, " null");
audit_log_format(ab, " null");
return;
}
perms = secclass_map[sad->tclass-1].perms;
audit_log_string(ab, " {");
audit_log_format(ab, " {");
i = 0;
perm = 1;
while (i < (sizeof(av) * 8)) {
@ -695,7 +695,7 @@ static void avc_audit_pre_callback(struct audit_buffer *ab, void *a)
if (av)
audit_log_format(ab, " 0x%x", av);
audit_log_string(ab, " } for ");
audit_log_format(ab, " } for ");
}
/**