[PATCH] Fix AUDIT_MAC_POLICY_LOAD event formatting

The AUDIT_MAC_POLICY_LOAD event has dangling text that means the same thing as the event type and is missing the uid and results field. The bigger issue is that in some failure cases no event is emitted. This patch fixes the noted problems. Signed-off-by: Steve Grubb <sgrubb(a)redhat.com&gt; --- --- vanilla-4.9-rc5.orig/security/selinux/selinuxfs.c 2016-11-16 15:16:34.738723900 -0500 +++ linux-4.9.0-0.rc5.git0.1.fc24.x86_64/security/selinux/selinuxfs.c 2016-11-21 12:16:08.046787604 -0500 @@ -494,6 +494,7 @@ static ssize_t sel_write_load(struct fil { ssize_t length; void *data = NULL; + unsigned int result = 0; mutex_lock(&sel_mutex); @@ -525,24 +526,26 @@ static ssize_t sel_write_load(struct fil length = sel_make_bools(); if (length) - goto out1; + goto out; length = sel_make_classes(); if (length) - goto out1; + goto out; length = sel_make_policycap(); if (length) - goto out1; + goto out; length = count; + result = 1; -out1: +out: audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_POLICY_LOAD, - "policy loaded auid=%u ses=%u", + "uid=%u auid=%u ses=%u res=%u", + from_kuid(&init_user_ns, task_uid(current)), from_kuid(&init_user_ns, audit_get_loginuid(current)), - audit_get_sessionid(current)); -out: + audit_get_sessionid(current), result); + mutex_unlock(&sel_mutex); vfree(data); return length;