[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] xsm/flask: adjust print messages to use %pd

  • To: "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Fri, 9 Sep 2022 12:04:41 +0200
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=xs4vdQmDQTe9kAwvVnupcLLjjgW3PAzWEIfeQrL0Ga8=; b=TsgKSYOGMwTBsAXHdSRZiUiCKI3ZKoxECSSZiN0Zz/ru1jCFVAyf1n/nx5cLP7huiLmX8Hto53fOhTYxnJqy2EhDEAUeBct/pI2IeTEUrwe+373aD84PReUXJRdkKZYIFeAOcth/uonNC+u5387o09gSFMD9918OHLq4ARgIFRJCfUcsSv9LVLqr4r96k5StzBZIHL2gzJ55eSPgVpaWxDfnSzCWbwhw5EYW4hOr5Z8ZcfyTMTYWgQGuEvKE7EkYARfnzc8eofoIoW+uvXvvD6QZF0Df/6F1Lv+Wv3rul5uM+cf2sLxSwFXM2RhQoMLhq0u58N5ofuOqm+mtn85x6g==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=RAl7DgmYUUx6AeR7TifPQsb5s//6d39y6lcKuxCRYHO2JRfROZNGVuETYWTibOC6BPVE9kaawgPtLtyIepOvvXIjNUiXwH0uqDs+EXdUVan76k3t6vzqw2LC3W1MD7VWHACbVv9nWxZk4W4EoxrjgOmUIsqjh2xtMidOI3tAQ2b09qm/TzqyT2D1jdW69+YUUSVzYoI2VAj/GTAYOcqaCxznFIzTbVdDW8oe7PwBDR8luV/oTRYfnuRl6Jfo622O3n3mcKzkmO9i0s2EQr7KDsdCYhUSUMjlzMXfaDFlRyBaIIUFJrtkq+oYyG3ElthrT/KqAY9HIyappzuTiioXdA==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
  • Cc: jandryuk@xxxxxxxxx, xen-devel@xxxxxxxxxxxxxxxxxxxx
  • Delivery-date: Fri, 09 Sep 2022 10:05:03 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 09.09.2022 11:50, Daniel P. Smith wrote:
> --- a/xen/xsm/flask/avc.c
> +++ b/xen/xsm/flask/avc.c
> @@ -566,14 +566,14 @@ void avc_audit(u32 ssid, u32 tsid, u16 tclass, u32 
> requested,
>      if ( a && (a->sdom || a->tdom) )
>      {
>          if ( a->sdom && a->tdom && a->sdom != a->tdom )
> -            avc_printk(&buf, "domid=%d target=%d ", a->sdom->domain_id, 
> a->tdom->domain_id);
> +            avc_printk(&buf, "source=%pd target=%dp ", a->sdom, a->tdom);
>          else if ( a->sdom )
> -            avc_printk(&buf, "domid=%d ", a->sdom->domain_id);
> +            avc_printk(&buf, "source=%pd ", a->sdom);
>          else
> -            avc_printk(&buf, "target=%d ", a->tdom->domain_id);
> +            avc_printk(&buf, "target=%pd ", a->tdom);

Apart from switching to %pd to also replace "domid" by "source". That's
fine in the first case (where both domain IDs are logged), but in the
second case it's a little questionable. Wouldn't it be better to be
able to distinguish the tdom == NULL case from the tdom == sdom one,
perhaps by using "source" in the former case but "domid" in the latter
one?

Jan

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.