Gitiles
Code Review Sign In
LeafOS / LeafOS-Devices / android_kernel_samsung_gta4xl / bccf6ae083318ea08094d6ab185fdf7c49906b3a^! / . / kernel
commitbccf6ae083318ea08094d6ab185fdf7c49906b3a[log] [tgz]
authorDavid Woodhouse <dwmw2@shinybook.infradead.org>Mon May 23 21:35:28 2005 +0100
committerDavid Woodhouse <dwmw2@shinybook.infradead.org>Mon May 23 21:35:28 2005 +0100
tree0dc4fabe9004aa666e646c69e976fda989c08565
parentbfb4496e7239c9132d732a65cdcf3d6a7431ad1a [diff]
AUDIT: Unify auid reporting, put arch before syscall number

These changes make processing of audit logs easier. Based on a patch
from Steve Grubb <sgrubb@redhat.com>

Signed-off-by: David Woodhouse <dwmw2@infradead.org>

diff --git a/kernel/audit.c b/kernel/audit.c
index 35306f4..ef35166 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c

@@ -234,7 +234,7 @@
 	int old		 = audit_rate_limit;
 	audit_rate_limit = limit;
 	audit_log(NULL, AUDIT_CONFIG_CHANGE, 
-			"audit_rate_limit=%d old=%d by auid %u",
+			"audit_rate_limit=%d old=%d by auid=%u",
 			audit_rate_limit, old, loginuid);
 	return old;
 }
@@ -244,7 +244,7 @@
 	int old		 = audit_backlog_limit;
 	audit_backlog_limit = limit;
 	audit_log(NULL, AUDIT_CONFIG_CHANGE,
-			"audit_backlog_limit=%d old=%d by auid %u",
+			"audit_backlog_limit=%d old=%d by auid=%u",
 			audit_backlog_limit, old, loginuid);
 	return old;
 }
@@ -256,7 +256,7 @@
 		return -EINVAL;
 	audit_enabled = state;
 	audit_log(NULL, AUDIT_CONFIG_CHANGE,
-			"audit_enabled=%d old=%d by auid %u",
+			"audit_enabled=%d old=%d by auid=%u",
 			audit_enabled, old, loginuid);
 	return old;
 }
@@ -270,7 +270,7 @@
 		return -EINVAL;
 	audit_failure = state;
 	audit_log(NULL, AUDIT_CONFIG_CHANGE,
-			"audit_failure=%d old=%d by auid %u",
+			"audit_failure=%d old=%d by auid=%u",
 			audit_failure, old, loginuid);
 	return old;
 }
@@ -424,7 +424,7 @@
 			int old   = audit_pid;
 			audit_pid = status_get->pid;
 			audit_log(NULL, AUDIT_CONFIG_CHANGE,
-				"audit_pid=%d old=%d by auid %u",
+				"audit_pid=%d old=%d by auid=%u",
 				  audit_pid, old, loginuid);
 		}
 		if (status_get->mask & AUDIT_STATUS_RATE_LIMIT)

diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 74c2ae8..5fc4f52 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c

@@ -307,7 +307,7 @@
 		if (!err && (flags & AUDIT_AT_EXIT))
 			err = audit_add_rule(entry, &audit_extlist);
 		audit_log(NULL, AUDIT_CONFIG_CHANGE, 
-				"auid %u added an audit rule\n", loginuid);
+				"auid=%u added an audit rule\n", loginuid);
 		break;
 	case AUDIT_DEL:
 		flags =((struct audit_rule *)data)->flags;
@@ -318,7 +318,7 @@
 		if (!err && (flags & AUDIT_AT_EXIT))
 			err = audit_del_rule(data, &audit_extlist);
 		audit_log(NULL, AUDIT_CONFIG_CHANGE,
-				"auid %u removed an audit rule\n", loginuid);
+				"auid=%u removed an audit rule\n", loginuid);
 		break;
 	default:
 		return -EINVAL;
@@ -678,10 +678,10 @@
 	ab = audit_log_start(context, AUDIT_SYSCALL);
 	if (!ab)
 		return;		/* audit_panic has been called */
-	audit_log_format(ab, "syscall=%d", context->major);
+	audit_log_format(ab, "arch=%x syscall=%d",
+			 context->arch, context->major);
 	if (context->personality != PER_LINUX)
 		audit_log_format(ab, " per=%lx", context->personality);
-	audit_log_format(ab, " arch=%x", context->arch);
 	if (context->return_valid)
 		audit_log_format(ab, " success=%s exit=%ld", 
 				 (context->return_valid==AUDITSC_SUCCESS)?"yes":"no",