On 09.09.2022 11:50, Daniel P. Smith wrote:
> --- a/xen/xsm/flask/avc.c
> +++ b/xen/xsm/flask/avc.c
> @@ -566,14 +566,14 @@ void avc_audit(u32 ssid, u32 tsid, u16 tclass, u32
> requested,
> if ( a && (a->sdom || a->tdom) )
> {
> if ( a->sdom && a->tdom && a->sdom != a->tdom )
> - avc_printk(&buf, "domid=%d target=%d ", a->sdom->domain_id,
> a->tdom->domain_id);
> + avc_printk(&buf, "source=%pd target=%dp ", a->sdom, a->tdom);
> else if ( a->sdom )
> - avc_printk(&buf, "domid=%d ", a->sdom->domain_id);
> + avc_printk(&buf, "source=%pd ", a->sdom);
> else
> - avc_printk(&buf, "target=%d ", a->tdom->domain_id);
> + avc_printk(&buf, "target=%pd ", a->tdom);
Apart from switching to %pd to also replace "domid" by "source". That's
fine in the first case (where both domain IDs are logged), but in the
second case it's a little questionable. Wouldn't it be better to be
able to distinguish the tdom == NULL case from the tdom == sdom one,
perhaps by using "source" in the former case but "domid" in the latter
one?
Jan
