* [PATCH] Add variadic-style alternative function for avc logging
From: Eamon Walsh @ 2006-09-09 2:33 UTC (permalink / raw)
To: linux-audit
[-- Attachment #1: Type: text/plain, Size: 804 bytes --]
The attached patch adds a new function audit_log_user_avc_message_fmt
that behaves just like audit_log_user_avc_message, but takes a format
string and argument list instead of a fixed message string.

This change will make it easier to use libaudit from SELinux userspace
object managers, since the libselinux logging callback takes a
format-string and variable length list.

If desired, I can send a patch to introduce this alternative for the
other calls as well.

Signed-off-by: Eamon Walsh <ewalsh@tycho.nsa.gov>
docs/audit_log_user_avc_message.3 | 12 +++++++++++-
lib/audit_logging.c | 25 +++++++++++++++++++++++++
lib/libaudit.h | 3 +++
3 files changed, 39 insertions(+), 1 deletion(-)
--
Eamon Walsh <ewalsh@tycho.nsa.gov>
National Security Agency
[-- Attachment #2: avcfmt.patch --]
[-- Type: text/x-patch, Size: 3278 bytes --]
diff -Naur audit-old/docs/audit_log_user_avc_message.3 audit-new/docs/audit_log_user_avc_message.3
--- audit-old/docs/audit_log_user_avc_message.3 2006-09-08 21:36:27.000000000 -0400
+++ audit-new/docs/audit_log_user_avc_message.3 2006-09-08 21:22:34.000000000 -0400
@@ -6,6 +6,9 @@
.sp
.B int audit_log_user_avc_message(int audit_fd, int type, const char *message,
const char *hostname, const char *addr, const char *tty, uid_t uid)
+.sp
+.B int audit_log_user_avc_message_fmt(int audit_fd, int type, const char *fmt,
+va_list ap, const char *hostname, const char *addr, const char *tty, uid_t uid)
.SH DESCRIPTION
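Review bot: The added synopsis line takes a va_list ap, but nothing in this hunk tells the reader that <stdarg.h> is needed, and a name ending in _fmt reads like a function taking "..." rather than a va_list. Suggest adding the include to the SYNOPSIS and either following the vprintf(3) naming convention or stating in the text that callers pass an already started va_list.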
@@ -19,7 +22,14 @@
addr - The network address of the user
tty - The tty of the user, if NULL will attempt to figure out
uid - The auid of the person related to the avc message
-.if
+.fi
+
+The audit_log_user_avc_message_fmt function provides for a format string and variable-length argument list in place of the message parameter:
+
+.nf
+fmt - message format string, suitable for passing to vsprintf(3)
+ap - argument list corresponding to format string
+.fi
.SH "RETURN VALUE"
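Review bot: The added fmt description points at vsprintf(3), while the implementation in lib/audit_logging.c calls vsnprintf into a MAX_AUDIT_MESSAGE_LENGTH buffer, so the page never tells callers that a long message is cut off. Suggest referencing vsnprintf(3), documenting the length limit, and noting that ap must not be reused after the call without va_end and a fresh va_start. The .if to .fi correction in this hunk is unrelated to the new function and would be clearer as its own change.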
diff -Naur audit-old/lib/audit_logging.c audit-new/lib/audit_logging.c
--- audit-old/lib/audit_logging.c 2006-09-08 21:36:27.000000000 -0400
+++ audit-new/lib/audit_logging.c 2006-09-08 21:07:42.000000000 -0400
@@ -437,6 +437,31 @@
}
/*
+ * This function behaves identically to audit_log_user_avc_message, except
+ * allows for a message format-string and variable-length list of arguments.
+ *
+ * audit_fd - The fd returned by audit_open
+ * type - type of message, ex: AUDIT_USER, AUDIT_USYS_CONFIG, AUDIT_USER_LOGIN
+ * fmt - format string for the message being sent
+ * ap - list of arguments corresponding to the format string
+ * hostname - the hostname if known
+ * addr - The network address of the user
+ * tty - The tty of the user
+ * uid - The auid of the person related to the avc message
+ *
+ * It returns the sequence number which is > 0 on success or <= 0 on error.
+ */
+int audit_log_user_avc_message_fmt(int audit_fd, int type, const char *fmt,
+ va_list ap, const char *hostname, const char *addr, const char *tty,
+ uid_t uid)
+{
+ char buf[MAX_AUDIT_MESSAGE_LENGTH];
+ vsnprintf(buf, sizeof(buf), fmt, ap);
+ return audit_log_user_avc_message(audit_fd, type, buf, hostname,
+ addr, tty, uid);
+}
+
+/*
* This function will log a message to the audit system using a predefined
* message format. It should be used for all SE linux user and role
* manipulation operations.
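Review bot: The result of vsnprintf(buf, sizeof(buf), fmt, ap) is discarded, so a message longer than MAX_AUDIT_MESSAGE_LENGTH is logged truncated with no indication to the caller, and a negative return still passes buf on to audit_log_user_avc_message. For an audit record, silent truncation can drop trailing fields, so suggest capturing the return value, returning an error when it is negative, and deciding explicitly what happens when it is >= sizeof(buf). A NULL fmt is also not checked before the call, and the comment block should state the truncation behaviour alongside the return value.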
diff -Naur audit-old/lib/libaudit.h audit-new/lib/libaudit.h
--- audit-old/lib/libaudit.h 2006-08-26 13:37:45.000000000 -0400
+++ audit-new/lib/libaudit.h 2006-09-08 21:06:21.000000000 -0400
@@ -434,6 +434,9 @@
extern int audit_log_user_avc_message(int audit_fd, int type,
const char *message, const char *hostname, const char *addr,
const char *tty, uid_t uid);
+extern int audit_log_user_avc_message_fmt(int audit_fd, int type,
+ const char *fmt, va_list ap, const char *hostname, const char *addr,
+ const char *tty, uid_t uid);
extern int audit_log_semanage_message(int audit_fd, int type,
const char *pgname, const char *op, const char *name, unsigned int id,
const char *new_seuser, const char *new_role, const char *new_range,
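Review bot: The added prototype uses va_list, and no #include <stdarg.h> appears in this hunk, so code that includes only libaudit.h will not compile unless the header already pulls it in; please confirm or add the include. Since fmt is a printf-style string in the third parameter position, consider a format attribute on the declaration (for GCC, format(printf, 3, 0)) so that callers get compile-time checking of their format strings.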
* Re: [PATCH] Add variadic-style alternative function for avc logging
From: Steve Grubb @ 2006-09-17 14:19 UTC (permalink / raw)
To: linux-audit, ewalsh
On Friday 08 September 2006 22:33, Eamon Walsh wrote:
> The attached patch adds a new function audit_log_user_avc_message_fmt
> that behaves just like audit_log_user_avc_message, but takes a format
> string and argument list instead of a fixed message string.
Do you have examples of its use in real upstream code? I'm not opposed to
this, but I've been able to add audit messages all over the place without
duplicating the API with variadic functions.
> If desired, I can send a patch to introduce this alternative for the
> other calls as well.
I'd rather not right now.
Thanks,
-Steve
* Re: [PATCH] Add variadic-style alternative function for avc logging
From: Eamon Walsh @ 2006-09-18 22:23 UTC (permalink / raw)
To: Steve Grubb; +Cc: linux-audit
On Sun, 2006-09-17 at 10:19 -0400, Steve Grubb wrote:
> On Friday 08 September 2006 22:33, Eamon Walsh wrote:
> > The attached patch adds a new function audit_log_user_avc_message_fmt
> > that behaves just like audit_log_user_avc_message, but takes a format
> > string and argument list instead of a fixed message string.
>
> Do you have examples of its use in real upstream code? I'm not opposed to
> this, but I've been able to add audit messages all over the place without
> duplicating the API with variadic functions.
Since we're already discussing changing the libselinux userspace avc API
for logging, I guess just hold off on this patch for now.

But here's the pitch: I think it's reasonable to expect that people are
going to be calling the libaudit logging functions from within
printf-style functions that take a format string and argument list.
This is true of the current userspace avc logging callback, and the X
server, where the logging functions look like ErrorF(fmt, ...). I think
it's fairly common to have logging subsystems that behave like this.

Currently, something like the following is required:

    va_list ap;
    char buf[MAX_AUDIT_MESSAGE_LENGTH];
    va_start(ap, fmt);
    vsnprintf(buf, MAX_AUDIT_MESSAGE_LENGTH, fmt, ap);
    audit_log_user_avc_message(..., buf, ...);
    va_end(ap);

Which could be reduced to (with the duplicate API):

    va_list ap;
    va_start(ap, fmt);
    audit_log_user_avc_message_fmt(..., fmt, ap, ...);
    va_end(ap);

Which avoids the library call and doesn't care about the max_length
constant. Not terribly much, but why not have a convenience function
for it?
--
Eamon Walsh <ewalsh@tycho.nsa.gov>
National Security Agency
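
The pattern discussed in this thread, as an added example that is not part of any message or of libaudit: a printf-style logging callback forwarding to a va_list function that checks the vsnprintf() result before handing the message on. EXAMPLE_MAX_MSG, stub_avc_sink, example_avc_vlog and example_avc_log are hypothetical names, the sink stands in for audit_log_user_avc_message so the code runs without libaudit, and the sample messages are constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

#define EXAMPLE_MAX_MSG 32  /* constructed small limit, not libaudit's value */
static char last_record[EXAMPLE_MAX_MSG];  /* what the stand-in sink received */

/* Hypothetical stand-in for audit_log_user_avc_message(): stores the message
 * and returns a fake sequence number (> 0 means success). */
static int stub_avc_sink(const char *message)
{
    snprintf(last_record, sizeof(last_record), "%s", message);
    return 1;
}

/* va_list variant: format, check the vsnprintf() result, then forward.
 * Returns the sink's result, -1 on a formatting error, -2 on truncation. */
int example_avc_vlog(const char *fmt, va_list ap)
{
    char buf[EXAMPLE_MAX_MSG];
    int n;
    if (fmt == NULL)
        return -1;
    n = vsnprintf(buf, sizeof(buf), fmt, ap);
    if (n < 0)
        return -1;              /* buf contents are not usable */
    if ((size_t)n >= sizeof(buf))
        return -2;              /* refuse to log a cut-off record */
    return stub_avc_sink(buf);
}

/* printf-style callback, the ErrorF(fmt, ...) shape from the message above. */
int example_avc_log(const char *fmt, ...)
{
    va_list ap;
    int rc;
    va_start(ap, fmt);
    rc = example_avc_vlog(fmt, ap);
    va_end(ap);
    return rc;
}

int main(void)
{
    printf("%d\n", example_avc_log("avc: denied { %s } pid=%d", "read", 42));
    printf("%d\n", example_avc_log("%s", "longer than the constructed 32-byte limit"));
    return 0;
}
```

Rejecting an over-long message is one policy choice; logging the truncated text and reporting that to the caller is another, as long as the caller can tell which happened.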