Based on a request from Eric Paris to simplify parsing, replace audit_log_format statements containing "%s" with audit_log_string().
Signed-off-by: Mimi Zohar <zo...@us.ibm.com> Index: security-testing-2.6/security/integrity/ima/ima_audit.c =================================================================== --- security-testing-2.6.orig/security/integrity/ima/ima_audit.c +++ security-testing-2.6/security/integrity/ima/ima_audit.c @@ -45,19 +45,10 @@ void integrity_audit_msg(int audit_msgno audit_get_loginuid(current), audit_get_sessionid(current)); audit_log_task_context(ab); - switch (audit_msgno) { - case AUDIT_INTEGRITY_DATA: - case AUDIT_INTEGRITY_METADATA: - case AUDIT_INTEGRITY_PCR: - case AUDIT_INTEGRITY_STATUS: - audit_log_format(ab, " op=%s cause=%s", op, cause); - break; - case AUDIT_INTEGRITY_HASH: - audit_log_format(ab, " op=%s hash=%s", op, cause); - break; - default: - audit_log_format(ab, " op=%s", op); - } + audit_log_format(ab, " op="); + audit_log_string(ab, op); + audit_log_format(ab, " cause="); + audit_log_string(ab, cause); audit_log_format(ab, " comm="); audit_log_untrustedstring(ab, current->comm); if (fname) { -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit