[PATCH] Add variadic-style alternative function for avc logging
Eamon Walsh
ewalsh at tycho.nsa.gov
Mon Sep 18 22:23:02 UTC 2006
On Sun, 2006-09-17 at 10:19 -0400, Steve Grubb wrote:
> On Friday 08 September 2006 22:33, Eamon Walsh wrote:
> > The attached patch adds a new function audit_log_user_avc_message_fmt
> > that behaves just like audit_log_user_avc_message, but takes a format
> > string and argument list instead of a fixed message string.
>
> Do you have examples of its use in real upstream code? I'm not opposed to
> this, but I've been able to add audit messages all over the place without
> duplicating the API with variadic functions.
Since we're already discussing changing the libselinux userspace avc API
for logging, I guess just hold off on this patch for now.
But here's the pitch: I think it's reasonable to expect that people are
going to be calling the libaudit logging functions from within
printf-style functions that take a format string and argument list.
This is true of the current userspace avc logging callback, and the X
server, where the logging functions look like ErrorF(fmt, ...). I think
it's fairly common to have logging subsystems that behave like this.
Currently, something like the following is required:
va_list ap;
char buf[MAX_AUDIT_MESSAGE_LENGTH];
va_start(ap, fmt);
vsnprintf(buf, MAX_AUDIT_MESSAGE_LENGTH, fmt, ap);
audit_log_user_avc_message(..., buf, ...);
va_end(ap);
Which could be reduced to (with the duplicate API):
va_list ap;
va_start(ap, fmt);
audit_log_user_avc_message(..., fmt, ap, ...);
va_end(ap);
Which avoids the library call and doesn't care about the max_length
constant. Not terribly much, but why not have a convenience function
for it?
--
Eamon Walsh <ewalsh at tycho.nsa.gov>
National Security Agency
More information about the Linux-audit
mailing list