[RFC][PATCH] integrity: use audit_log_string
Mimi Zohar
zohar at linux.vnet.ibm.com
Tue Apr 28 18:08:06 UTC 2009
Based on a request from Eric Paris to simplify parsing, replace
audit_log_format statements containing "%s" with audit_log_string().
Signed-off-by: Mimi Zohar <zohar at us.ibm.com>
Index: security-testing-2.6/security/integrity/ima/ima_audit.c
===================================================================
--- security-testing-2.6.orig/security/integrity/ima/ima_audit.c
+++ security-testing-2.6/security/integrity/ima/ima_audit.c
@@ -45,19 +45,10 @@ void integrity_audit_msg(int audit_msgno
audit_get_loginuid(current),
audit_get_sessionid(current));
audit_log_task_context(ab);
- switch (audit_msgno) {
- case AUDIT_INTEGRITY_DATA:
- case AUDIT_INTEGRITY_METADATA:
- case AUDIT_INTEGRITY_PCR:
- case AUDIT_INTEGRITY_STATUS:
- audit_log_format(ab, " op=%s cause=%s", op, cause);
- break;
- case AUDIT_INTEGRITY_HASH:
- audit_log_format(ab, " op=%s hash=%s", op, cause);
- break;
- default:
- audit_log_format(ab, " op=%s", op);
- }
+ audit_log_format(ab, " op=");
+ audit_log_string(ab, op);
+ audit_log_format(ab, " cause=");
+ audit_log_string(ab, cause);
audit_log_format(ab, " comm=");
audit_log_untrustedstring(ab, current->comm);
if (fname) {
More information about the Linux-audit
mailing list