Re: [PATCH] integrity: use audit_log_string
From: Eric Paris
Date: Tue May 05 2009 - 14:00:54 EST
On Tue, 2009-05-05 at 13:13 -0400, Mimi Zohar wrote:
> Based on a request from Eric Paris to simplify parsing, replace
> audit_log_format statements containing "%s" with audit_log_string().
>
> Signed-off-by: Mimi Zohar <zohar@xxxxxxxxxx>
As long as you don't mind that change from hash= to cause= I'm ok with
it too:
Acked-by: Eric Paris <eparis@xxxxxxxxxx>
>
> Index: security-testing-2.6/security/integrity/ima/ima_audit.c
> ===================================================================
> --- security-testing-2.6.orig/security/integrity/ima/ima_audit.c
> +++ security-testing-2.6/security/integrity/ima/ima_audit.c
> @@ -54,19 +54,10 @@ void integrity_audit_msg(int audit_msgno
> audit_get_loginuid(current),
> audit_get_sessionid(current));
> audit_log_task_context(ab);
> - switch (audit_msgno) {
> - case AUDIT_INTEGRITY_DATA:
> - case AUDIT_INTEGRITY_METADATA:
> - case AUDIT_INTEGRITY_PCR:
> - case AUDIT_INTEGRITY_STATUS:
> - audit_log_format(ab, " op=%s cause=%s", op, cause);
> - break;
> - case AUDIT_INTEGRITY_HASH:
> - audit_log_format(ab, " op=%s hash=%s", op, cause);
> - break;
> - default:
> - audit_log_format(ab, " op=%s", op);
> - }
> + audit_log_format(ab, " op=");
> + audit_log_string(ab, op);
> + audit_log_format(ab, " cause=");
> + audit_log_string(ab, cause);
> audit_log_format(ab, " comm=");
> audit_log_untrustedstring(ab, current->comm);
> if (fname) {
>
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/