audit: fix dangling keywords in integrity ima message output
authorRichard Guy Briggs <rgb@redhat.com>
Mon, 16 Jun 2014 19:52:07 +0000 (15:52 -0400)
committerMimi Zohar <zohar@linux.vnet.ibm.com>
Thu, 17 Jul 2014 13:35:10 +0000 (09:35 -0400)
Replace spaces in op keyword labels in log output since userspace audit tools
can't parse orphaned keywords.

Reported-by: Steve Grubb <sgrubb@redhat.com>
Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
security/integrity/ima/ima_appraise.c
security/integrity/ima/ima_policy.c

index d3113d4aaa3c3f41d0395f4b0862f37389b8997f..59ac902750703a7d7a74dddfcdeb6b132f270af5 100644 (file)
@@ -214,7 +214,7 @@ int ima_appraise_measurement(int func, struct integrity_iint_cache *iint,
                hash_start = 1;
        case IMA_XATTR_DIGEST:
                if (iint->flags & IMA_DIGSIG_REQUIRED) {
-                       cause = "IMA signature required";
+                       cause = "IMA-signature-required";
                        status = INTEGRITY_FAIL;
                        break;
                }
index 40a7488f6721b15a70ea0677dce5e10503b9e7b8..cea84d8bd7be7426863ba0be3de0262961fb9ae9 100644 (file)
@@ -332,7 +332,7 @@ void __init ima_init_policy(void)
 void ima_update_policy(void)
 {
        static const char op[] = "policy_update";
-       const char *cause = "already exists";
+       const char *cause = "already-exists";
        int result = 1;
        int audit_info = 0;
 
@@ -659,7 +659,7 @@ ssize_t ima_parse_add_rule(char *rule)
        /* Prevent installed policy from changing */
        if (ima_rules != &ima_default_rules) {
                integrity_audit_msg(AUDIT_INTEGRITY_STATUS, NULL,
-                                   NULL, op, "already exists",
+                                   NULL, op, "already-exists",
                                    -EACCES, audit_info);
                return -EACCES;
        }
@@ -685,7 +685,7 @@ ssize_t ima_parse_add_rule(char *rule)
        if (result) {
                kfree(entry);
                integrity_audit_msg(AUDIT_INTEGRITY_STATUS, NULL,
-                                   NULL, op, "invalid policy", result,
+                                   NULL, op, "invalid-policy", result,
                                    audit_info);
                return result;
        }