[PATCH] selinux: services: cleanup orphan keywords in audit log text

Thu, 18 Sep 2014 17:51:32 -0700 

Restructure to keyword=value pairs without spaces.  Drop superfluous words in
text.  Make invalid_context a keyword.  Change result= keyword to seresult=.

Signed-off-by: Richard Guy Briggs <[email protected]>
---
 security/selinux/ss/services.c |   14 ++++++++------
 1 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index 4bca494..e822910 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -728,7 +728,7 @@ static int security_validtrans_handle_fail(struct context 
*ocontext,
        if (context_struct_to_string(tcontext, &t, &tlen))
                goto out;
        audit_log(current->audit_context, GFP_ATOMIC, AUDIT_SELINUX_ERR,
-                 "security_validate_transition:  denied for"
+                 "op=security_validate_transition seresult=denied"
                  " oldcontext=%s newcontext=%s taskcontext=%s tclass=%s",
                  o, n, t, sym_name(&policydb, SYM_CLASSES, tclass-1));
 out:
@@ -877,7 +877,7 @@ int security_bounded_transition(u32 old_sid, u32 new_sid)
                        audit_log(current->audit_context,
                                  GFP_ATOMIC, AUDIT_SELINUX_ERR,
                                  "op=security_bounded_transition "
-                                 "result=denied "
+                                 "seresult=denied "
                                  "oldcontext=%s newcontext=%s",
                                  old_name, new_name);
                }
@@ -1351,8 +1351,8 @@ static int compute_sid_handle_invalid_context(
        if (context_struct_to_string(newcontext, &n, &nlen))
                goto out;
        audit_log(current->audit_context, GFP_ATOMIC, AUDIT_SELINUX_ERR,
-                 "security_compute_sid:  invalid context %s"
-                 " for scontext=%s"
+                 "op=security_compute_sid invalid_context=%s"
+                 " scontext=%s"
                  " tcontext=%s"
                  " tclass=%s",
                  n, s, t, sym_name(&policydb, SYM_CLASSES, tclass-1));
@@ -2584,8 +2584,10 @@ int security_sid_mls_copy(u32 sid, u32 mls_sid, u32 
*new_sid)
                rc = convert_context_handle_invalid_context(&newcon);
                if (rc) {
                        if (!context_struct_to_string(&newcon, &s, &len)) {
-                               audit_log(current->audit_context, GFP_ATOMIC, 
AUDIT_SELINUX_ERR,
-                                         "security_sid_mls_copy: invalid 
context %s", s);
+                               audit_log(current->audit_context,
+                                         GFP_ATOMIC, AUDIT_SELINUX_ERR,
+                                         "op=security_sid_mls_copy "
+                                         "invalid_context=%s", s);
                                kfree(s);
                        }
                        goto out_unlock;
-- 
1.7.1

--
Linux-audit mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/linux-audit

Reply via email to