[PATCH] Fix AUDIT_MAC_POLICY_LOAD event formatting

[Steve Grubb]

The AUDIT_MAC_POLICY_LOAD event has dangling text that means the same thing
as the event type and is missing the uid and results field. The bigger issue
is that in some failure cases no event is emitted. This patch fixes the noted
problems.

Signed-off-by: Steve Grubb <sgrubb at redhat.com>

---

--- vanilla-4.9-rc5.orig/security/selinux/selinuxfs.c	2016-11-16 15:16:34.738723900 -0500
+++ linux-4.9.0-0.rc5.git0.1.fc24.x86_64/security/selinux/selinuxfs.c	2016-11-21 12:16:08.046787604 -0500
@@ -494,6 +494,7 @@ static ssize_t sel_write_load(struct fil
 {
 	ssize_t length;
 	void *data = NULL;
+	unsigned int result = 0;
 
 	mutex_lock(&sel_mutex);
 
@@ -525,24 +526,26 @@ static ssize_t sel_write_load(struct fil
 
 	length = sel_make_bools();
 	if (length)
-		goto out1;
+		goto out;
 
 	length = sel_make_classes();
 	if (length)
-		goto out1;
+		goto out;
 
 	length = sel_make_policycap();
 	if (length)
-		goto out1;
+		goto out;
 
 	length = count;
+	result = 1;
 
-out1:
+out:
 	audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_POLICY_LOAD,
-		"policy loaded auid=%u ses=%u",
+		"uid=%u auid=%u ses=%u res=%u",
+		from_kuid(&init_user_ns, task_uid(current)),
 		from_kuid(&init_user_ns, audit_get_loginuid(current)),
-		audit_get_sessionid(current));
-out:
+		audit_get_sessionid(current), result);
+
 	mutex_unlock(&sel_mutex);
 	vfree(data);
 	return length;