netfilter: xtables: use audit_log()

Message ID c091f8c337fe4316ffcfb121da8b24b6633fa679.1502099123.git.geliangtang@gmail.com
State Accepted
Delegated to: Pablo Neira
Headers show

Commit Message

Geliang Tang Aug. 7, 2017, 1:44 p.m.
Use audit_log() instead of open-coding it.

Signed-off-by: Geliang Tang <geliangtang@gmail.com>
---
 net/netfilter/x_tables.c | 14 ++++----------
 1 file changed, 4 insertions(+), 10 deletions(-)

Comments

Pablo Neira Ayuso Aug. 19, 2017, 11:25 a.m. | #1
On Mon, Aug 07, 2017 at 09:44:26PM +0800, Geliang Tang wrote:
> Use audit_log() instead of open-coding it.

As said, collapsed into 'netfilter: ebtables: use audit_log()', just
for the record.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Patch

diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c
index e164823..c83a3b5 100644
--- a/net/netfilter/x_tables.c
+++ b/net/netfilter/x_tables.c
@@ -1192,16 +1192,10 @@  xt_replace_table(struct xt_table *table,
 
 #ifdef CONFIG_AUDIT
 	if (audit_enabled) {
-		struct audit_buffer *ab;
-
-		ab = audit_log_start(current->audit_context, GFP_KERNEL,
-				     AUDIT_NETFILTER_CFG);
-		if (ab) {
-			audit_log_format(ab, "table=%s family=%u entries=%u",
-					 table->name, table->af,
-					 private->number);
-			audit_log_end(ab);
-		}
+		audit_log(current->audit_context, GFP_KERNEL,
+			  AUDIT_NETFILTER_CFG,
+			  "table=%s family=%u entries=%u",
+			  table->name, table->af, private->number);
 	}
 #endif