Index: grsecurity/Makefile =================================================================== RCS file: /home/cvs/grsecurity2/grsecurity/Makefile,v retrieving revision 1.1 retrieving revision 1.2 diff -u -b -B -w -p -u -r1.1 -r1.2 --- grsecurity/Makefile 8 Aug 2004 12:02:41 -0000 1.1 +++ grsecurity/Makefile 8 Oct 2004 04:46:18 -0000 1.2 @@ -15,7 +15,7 @@ obj-y = grsec_chdir.o grsec_chroot.o grs ifeq ($(CONFIG_GRKERNSEC),y) obj-y += grsec_init.o grsum.o gracl.o gracl_ip.o gracl_segv.o obsd_rand.o \ gracl_cap.o gracl_alloc.o gracl_shm.o grsec_mem.o gracl_fs.o \ - gracl_learn.o grsec_textrel.o + gracl_learn.o grsec_textrel.o grsec_log.o obj-$(CONFIG_GRKERNSEC_RESLOG) += gracl_res.o else obj-y += grsec_disabled.o Index: grsecurity/gracl.c =================================================================== RCS file: /home/cvs/grsecurity2/grsecurity/gracl.c,v retrieving revision 1.10 retrieving revision 1.11 diff -u -b -B -w -p -u -r1.10 -r1.11 --- grsecurity/gracl.c 19 Sep 2004 17:56:14 -0000 1.10 +++ grsecurity/gracl.c 8 Oct 2004 04:46:18 -0000 1.11 @@ -1489,7 +1489,7 @@ gracl_init(struct gr_arg *args) memcpy(gr_system_sum, args->sum, GR_SHA_LEN); if (init_variables(args)) { - security_alert_good(GR_INITF_ACL_MSG, GR_VERSION); + gr_log_str(GR_DONT_AUDIT_GOOD, GR_INITF_ACL_MSG, GR_VERSION); error = -ENOMEM; free_variables(); goto out; @@ -2139,8 +2139,7 @@ gr_check_user_change(int real, int effec if (realok && effectiveok && fsok) return 0; else { - security_alert(GR_USRCHANGE_ACL_MSG, - realok ? (effectiveok ? (fsok ? 0 : fs) : effective) : real, DEFAULTSECARGS); + gr_log_int(GR_DONT_AUDIT, GR_USRCHANGE_ACL_MSG, realok ? (effectiveok ? (fsok ? 0 : fs) : effective) : real); return 1; } } 
@@ -2203,8 +2202,7 @@ gr_check_group_change(int real, int effe if (realok && effectiveok && fsok) return 0; else { - security_alert(GR_GRPCHANGE_ACL_MSG, - realok ? (effectiveok ? (fsok ? 0 : fs) : effective) : real, DEFAULTSECARGS); + gr_log_int(GR_DONT_AUDIT, GR_GRPCHANGE_ACL_MSG, realok ? (effectiveok ? (fsok ? 0 : fs) : effective) : real); return 1; } } @@ -2273,8 +2271,7 @@ gr_set_proc_label(const struct dentry *d atomic_read(&task->files->count) > 1 || atomic_read(&task->sig->count) > 1)) { task_unlock(task); - security_alert(GR_PTRACE_EXEC_ACL_MSG, - gr_to_filename(dentry, mnt), DEFAULTSECARGS); + gr_log_fs_generic(GR_DONT_AUDIT, GR_PTRACE_EXEC_ACL_MSG, dentry, mnt); return -EACCES; } obj = chk_obj_label(dentry, mnt, task->acl); @@ -2288,8 +2285,7 @@ gr_set_proc_label(const struct dentry *d task_unlock(task); } else if (retmode & GR_INHERIT && retmode & GR_AUDIT_INHERIT) { task_unlock(task); - security_audit(GR_INHERIT_ACL_MSG, task->acl->filename, - gr_to_filename(dentry, mnt), DEFAULTSECARGS); + gr_log_str_fs(GR_DO_AUDIT, GR_INHERIT_ACL_MSG, task->acl->filename, dentry, mnt); } else task_unlock(task); @@ -2688,8 +2684,7 @@ write_grsec_handler(struct file *file, c down(&gr_dev_sem); if (count != sizeof (struct gr_arg_wrapper)) { - security_alert_good(GR_DEV_ACL_MSG, (int)count, - (int) sizeof (struct gr_arg_wrapper)); + gr_log_int_int(GR_DONT_AUDIT_GOOD, GR_DEV_ACL_MSG, (int)count, (int)sizeof(struct gr_arg_wrapper)); error = -EINVAL; goto out; } 
@@ -2751,34 +2746,33 @@ write_grsec_handler(struct file *file, c if ((gr_status & GR_READY) && !(chkpw(gr_usermode, gr_system_salt, gr_system_sum))) { gr_status &= ~GR_READY; - security_alert_good(GR_SHUTS_ACL_MSG, DEFAULTSECARGS); + gr_log_noargs(GR_DONT_AUDIT_GOOD, GR_SHUTS_ACL_MSG); free_variables(); memset(gr_usermode, 0, sizeof (struct gr_arg)); memset(gr_system_salt, 0, GR_SALT_LEN); memset(gr_system_sum, 0, GR_SHA_LEN); } else if (gr_status & GR_READY) { - security_alert(GR_SHUTF_ACL_MSG, DEFAULTSECARGS); + gr_log_noargs(GR_DONT_AUDIT, GR_SHUTF_ACL_MSG); error = -EPERM; } else { - security_alert_good(GR_SHUTI_ACL_MSG, DEFAULTSECARGS); + gr_log_noargs(GR_DONT_AUDIT_GOOD, GR_SHUTI_ACL_MSG); error = -EAGAIN; } break; case ENABLE: if (!(gr_status & GR_READY) && !(error2 = gracl_init(gr_usermode))) - security_alert_good(GR_ENABLE_ACL_MSG, GR_VERSION); + gr_log_str(GR_DONT_AUDIT_GOOD, GR_ENABLE_ACL_MSG, GR_VERSION); else { if (gr_status & GR_READY) error = -EAGAIN; else error = error2; - security_alert(GR_ENABLEF_ACL_MSG, GR_VERSION, - DEFAULTSECARGS); + gr_log_str(GR_DONT_AUDIT, GR_ENABLEF_ACL_MSG, GR_VERSION); } break; case RELOAD: if (!(gr_status & GR_READY)) { - security_alert_good(GR_RELOADI_ACL_MSG); + gr_log_str(GR_DONT_AUDIT_GOOD, GR_RELOADI_ACL_MSG, GR_VERSION); error = -EAGAIN; } else if (!(chkpw(gr_usermode, gr_system_salt, gr_system_sum))) { lock_kernel(); 
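Review bot: The replacement in the RELOAD case changes the argument count: the old `security_alert_good(GR_RELOADI_ACL_MSG)` passed nothing, while the new call is `gr_log_str(GR_DONT_AUDIT_GOOD, GR_RELOADI_ACL_MSG, GR_VERSION)`. Every other "not yet initialised" message in this switch (GR_SHUTI_ACL_MSG, GR_SEGVMODI_ACL_MSG, GR_SPROLEI_ACL_MSG, GR_UNSPROLEI_ACL_MSG) goes through gr_log_noargs, so either GR_RELOADI_ACL_MSG carries a `%s` and the old call was under-supplying its varargs, or the new call passes an argument the format does not consume. Please confirm against the message definition and, if there is no `%s`, use `gr_log_noargs(GR_DONT_AUDIT_GOOD, GR_RELOADI_ACL_MSG);` to match its siblings. write_grsec_handler starts and ends outside this hunk.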
@@ -2786,31 +2780,26 @@ write_grsec_handler(struct file *file, c free_variables(); if (!(error2 = gracl_init(gr_usermode))) { unlock_kernel(); - security_alert_good(GR_RELOAD_ACL_MSG, - GR_VERSION); + gr_log_str(GR_DONT_AUDIT_GOOD, GR_RELOAD_ACL_MSG, GR_VERSION); } else { unlock_kernel(); error = error2; - security_alert(GR_RELOADF_ACL_MSG, GR_VERSION, - DEFAULTSECARGS); + gr_log_str(GR_DONT_AUDIT, GR_RELOADF_ACL_MSG, GR_VERSION); } } else { - security_alert(GR_RELOADF_ACL_MSG, GR_VERSION, - DEFAULTSECARGS); + gr_log_str(GR_DONT_AUDIT, GR_RELOADF_ACL_MSG, GR_VERSION); error = -EPERM; } break; case SEGVMOD: if (unlikely(!(gr_status & GR_READY))) { - security_alert_good(GR_SEGVMODI_ACL_MSG, - DEFAULTSECARGS); + gr_log_noargs(GR_DONT_AUDIT_GOOD, GR_SEGVMODI_ACL_MSG); error = -EAGAIN; break; } if (!(chkpw(gr_usermode, gr_system_salt, gr_system_sum))) { - security_alert_good(GR_SEGVMODS_ACL_MSG, - DEFAULTSECARGS); + gr_log_noargs(GR_DONT_AUDIT_GOOD, GR_SEGVMODS_ACL_MSG); if (gr_usermode->segv_device && gr_usermode->segv_inode) { struct acl_subject_label *segvacl; segvacl = @@ -2825,13 +2814,13 @@ write_grsec_handler(struct file *file, c gr_remove_uid(gr_usermode->segv_uid); } } else { - security_alert(GR_SEGVMODF_ACL_MSG, DEFAULTSECARGS); + gr_log_noargs(GR_DONT_AUDIT, GR_SEGVMODF_ACL_MSG); error = -EPERM; } break; case SPROLE: if (unlikely(!(gr_status & GR_READY))) { - security_alert_good(GR_SPROLEI_ACL_MSG, DEFAULTSECARGS); + gr_log_noargs(GR_DONT_AUDIT_GOOD, GR_SPROLEI_ACL_MSG); error = -EAGAIN; break; } 
@@ -2851,22 +2840,22 @@ write_grsec_handler(struct file *file, c (gr_usermode->sp_role, &sprole_salt, &sprole_sum) && ((!sprole_salt && !sprole_sum) || !(chkpw(gr_usermode, sprole_salt, sprole_sum)))) { + char *p = ""; assign_special_role(gr_usermode->sp_role); - security_alert_good(GR_SPROLES_ACL_MSG, - (current->p_pptr) ? current-> - p_pptr->role->rolename : "", - acl_sp_role_value, DEFAULTSECARGS); + read_lock(&tasklist_lock); + if (current->p_pptr) + p = current->p_pptr->role->rolename; + read_unlock(&tasklist_lock); + gr_log_str_int(GR_DONT_AUDIT_GOOD, GR_SPROLES_ACL_MSG, + p, acl_sp_role_value); } else { - security_alert(GR_SPROLEF_ACL_MSG, gr_usermode->sp_role, - DEFAULTSECARGS); + gr_log_str(GR_DONT_AUDIT, GR_SPROLEF_ACL_MSG, gr_usermode->sp_role); error = -EPERM; current->role->auth_attempts++; if (current->role->auth_attempts >= CONFIG_GRKERNSEC_ACL_MAXTRIES) { current->role->expires = jiffies + CONFIG_GRKERNSEC_ACL_TIMEOUT * HZ; - security_alert(GR_MAXROLEPW_ACL_MSG, - CONFIG_GRKERNSEC_ACL_MAXTRIES, - gr_usermode->sp_role, DEFAULTSECARGS); + gr_log_str(GR_DONT_AUDIT, GR_MAXROLEPW_ACL_MSG, gr_usermode->sp_role); } goto out; 
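Review bot: In the SPROLE branch `p` is set to `current->p_pptr->role->rolename` under tasklist_lock but is only dereferenced by `gr_log_str_int(...)` after `read_unlock(&tasklist_lock)`, so the lock covers the `p_pptr` dereference and not the lifetime of the string `p` points into; the UNSPROLE hunk at @@ -2874 has the same shape. Whether that is safe depends on the role structures being pinned by gr_dev_sem, which this handler holds (the `down(&gr_dev_sem)` is visible in the hunk at @@ -2688) — if so, a comment stating it would help, e.g. `/* rolename storage is pinned by gr_dev_sem for the whole handler; tasklist_lock only guards p_pptr */`; if not, copy the name into a local buffer while the lock is held or log before dropping it. Independently, `p` only ever points at a string literal or at a name this code does not write, so `const char *p = "";` is the better declaration provided gr_log_str_int accepts a const string. write_grsec_handler begins and ends outside this hunk.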
@@ -2874,28 +2863,32 @@ write_grsec_handler(struct file *file, c break; case UNSPROLE: if (unlikely(!(gr_status & GR_READY))) { - security_alert_good(GR_UNSPROLEI_ACL_MSG, DEFAULTSECARGS); + gr_log_noargs(GR_DONT_AUDIT_GOOD, GR_UNSPROLEI_ACL_MSG); error = -EAGAIN; break; } if (current->role->roletype & GR_ROLE_SPECIAL) { - security_alert_good(GR_UNSPROLES_ACL_MSG, - (current->p_pptr) ? current-> - p_pptr->role->rolename : "", - (current->p_pptr) ? current-> - p_pptr->acl_role_id : 0, DEFAULTSECARGS); + char *p = ""; + int i = 0; + + read_lock(&tasklist_lock); + if (current->p_pptr) { + p = current->p_pptr->role->rolename; + i = current->p_pptr->acl_role_id; + } + read_unlock(&tasklist_lock); + + gr_log_str_int(GR_DONT_AUDIT_GOOD, GR_UNSPROLES_ACL_MSG, p, i); gr_set_acls(1); } else { - security_alert(GR_UNSPROLEF_ACL_MSG, current->role->rolename, - DEFAULTSECARGS); + gr_log_str(GR_DONT_AUDIT, GR_UNSPROLEF_ACL_MSG, current->role->rolename); error = -EPERM; goto out; } break; default: - security_alert(GR_INVMODE_ACL_MSG, gr_usermode->mode, - DEFAULTSECARGS); + gr_log_int(GR_DONT_AUDIT, GR_INVMODE_ACL_MSG, gr_usermode->mode); error = -EINVAL; break; } @@ -2906,7 +2899,7 @@ write_grsec_handler(struct file *file, c gr_auth_attempts++; if (gr_auth_attempts >= CONFIG_GRKERNSEC_ACL_MAXTRIES) { - security_alert(GR_MAXPW_ACL_MSG, CONFIG_GRKERNSEC_ACL_MAXTRIES); + gr_log_noargs(GR_DONT_AUDIT, GR_MAXPW_ACL_MSG); gr_auth_expires = jiffies + CONFIG_GRKERNSEC_ACL_TIMEOUT * HZ; } @@ -2973,8 +2966,7 @@ gr_set_acls(const int type) } else { read_unlock(&grsec_exec_file_lock); read_unlock(&tasklist_lock); - security_alert_good(GR_DEFACL_MSG, task->comm, - task->pid); + gr_log_str_int(GR_DONT_AUDIT_GOOD, GR_DEFACL_MSG, task->comm, task->pid); return 1; } } else { 
@@ -3142,18 +3134,16 @@ gr_handle_sysctl(const struct ctl_table gr_log_learn(current->role, current->uid, current->gid, current, path, new_mode); } else if ((err & mode) != mode && !(err & GR_SUPPRESS)) { - security_alert(GR_SYSCTL_ACL_MSG, "denied", path, - (mode & GR_READ) ? " reading" : "", - (mode & GR_WRITE) ? " writing" : "", - DEFAULTSECARGS); + gr_log_str4(GR_DONT_AUDIT, GR_SYSCTL_ACL_MSG, "denied", + path, (mode & GR_READ) ? " reading" : "", + (mode & GR_WRITE) ? " writing" : ""); err = 0; } else if ((err & mode) != mode) { err = 0; } else if (((err & mode) == mode) && (err & GR_AUDITS)) { - security_audit(GR_SYSCTL_ACL_MSG, "successful", + gr_log_str4(GR_DO_AUDIT, GR_SYSCTL_ACL_MSG, "successful", path, (mode & GR_READ) ? " reading" : "", - (mode & GR_WRITE) ? " writing" : "", - DEFAULTSECARGS); + (mode & GR_WRITE) ? " writing" : ""); } path_release(&nd); @@ -3224,10 +3214,7 @@ gr_handle_ptrace(struct task_struct *tas read_unlock(&tasklist_lock); if (tmp->pid == 0 && !(current->acl->mode & GR_RELAXPTRACE)) { - security_alert(GR_PTRACE_ACL_MSG, task->exec_file ? - gr_to_filename(task->exec_file->f_dentry, task->exec_file->f_vfsmnt) - : "(none)", task->comm, task->pid, - DEFAULTSECARGS); + gr_log_ptrace(GR_DONT_AUDIT, GR_PTRACE_ACL_MSG, task); return 1; } @@ -3241,8 +3228,7 @@ gr_handle_ptrace(struct task_struct *tas read_unlock(&grsec_exec_file_lock); if (retmode & GR_NOPTRACE) { - security_alert(GR_PTRACE_ACL_MSG, gr_to_filename(task->exec_file->f_dentry, task->exec_file->f_vfsmnt), - task->comm, task->pid, DEFAULTSECARGS); + gr_log_ptrace(GR_DONT_AUDIT, GR_PTRACE_ACL_MSG, task); return 1; } 
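Review bot: The first gr_handle_ptrace call site (hunk @@ -3224) used to guard `task->exec_file ? gr_to_filename(...) : "(none)"` before formatting, and that guard disappears with the switch to `gr_log_ptrace(GR_DONT_AUDIT, GR_PTRACE_ACL_MSG, task)`; the other two sites (@@ -3241 here and @@ -3268 in the next hunk) never had it. gr_log_ptrace is not in this diff, so please confirm it handles `task->exec_file == NULL` itself — otherwise the first site, reached right after `read_unlock(&tasklist_lock)` for a task whose exec_file may be unset, regresses into a NULL dereference in the logging path. A comment at the helper's declaration such as `/* tolerates task->exec_file == NULL and logs "(none)" for it */` would document the contract all three callers now rely on. gr_handle_ptrace starts and ends outside these hunks.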
@@ -3268,9 +3254,7 @@ gr_handle_ptrace(struct task_struct *tas } else if (!(current->acl->mode & GR_OVERRIDE) && !(current->role->roletype & GR_ROLE_GOD) && (current->acl != task->acl)) { - security_alert(GR_PTRACE_ACL_MSG, - gr_to_filename(task->exec_file->f_dentry, task->exec_file->f_vfsmnt), - task->comm, task->pid, DEFAULTSECARGS); + gr_log_ptrace(GR_DONT_AUDIT, GR_PTRACE_ACL_MSG, task); return 1; } @@ -3294,9 +3278,7 @@ gr_handle_mmap(const struct file *filp, obj2 = chk_obj_label(filp->f_dentry, filp->f_vfsmnt, current->role->root_label); if (unlikely((obj->mode & GR_WRITE) || (obj2->mode & GR_WRITE))) { - security_alert(GR_WRITLIB_ACL_MSG, - gr_to_filename(filp->f_dentry, filp->f_vfsmnt), - DEFAULTSECARGS); + gr_log_fs_generic(GR_DONT_AUDIT, GR_WRITLIB_ACL_MSG, filp->f_dentry, filp->f_vfsmnt); return 1; } @@ -3317,16 +3299,12 @@ gr_acl_handle_mmap(const struct file *fi file->f_vfsmnt); if (unlikely(!gr_tpe_allow(file) || (!(mode & GR_EXEC) && !(mode & GR_SUPPRESS)))) { - security_alert(GR_MMAP_ACL_MSG, "denied", - gr_to_filename(file->f_dentry, file->f_vfsmnt), - DEFAULTSECARGS); + gr_log_fs_rbac_generic(GR_DONT_AUDIT, GR_MMAP_ACL_MSG, file->f_dentry, file->f_vfsmnt); return 0; } else if (unlikely(!gr_tpe_allow(file) || !(mode & GR_EXEC))) { return 0; } else if (unlikely(mode & GR_EXEC && mode & GR_AUDIT_EXEC)) { - security_audit(GR_MMAP_ACL_MSG, "successful", - gr_to_filename(file->f_dentry, file->f_vfsmnt), - DEFAULTSECARGS); + gr_log_fs_rbac_generic(GR_DO_AUDIT, GR_MMAP_ACL_MSG, file->f_dentry, file->f_vfsmnt); return 1; } 
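Review bot: In gr_acl_handle_mmap the literal `"denied"` / `"successful"` argument that distinguished the two log lines is dropped, and the only remaining difference between the two `gr_log_fs_rbac_generic(...)` calls is GR_DONT_AUDIT versus GR_DO_AUDIT, so the outcome word is presumably now derived from the audit type inside the helper. That coupling is invisible at the call sites here and in the many *_rbac_* conversions in gracl_fs.c, and a reader of a GR_DO_AUDIT call has no way to tell it is the "successful" variant. If that is indeed the helper's behaviour, a comment at its first use in this file, e.g. `/* the helper emits "successful" for GR_DO_AUDIT and "denied" for GR_DONT_AUDIT */`, would make the contract explicit. gr_acl_handle_mmap continues outside the hunk.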
@@ -3347,16 +3325,12 @@ gr_acl_handle_mprotect(const struct file file->f_vfsmnt); if (unlikely(!gr_tpe_allow(file) || (!(mode & GR_EXEC) && !(mode & GR_SUPPRESS)))) { - security_alert(GR_MPROTECT_ACL_MSG, "denied", - gr_to_filename(file->f_dentry, file->f_vfsmnt), - DEFAULTSECARGS); + gr_log_fs_rbac_generic(GR_DONT_AUDIT, GR_MPROTECT_ACL_MSG, file->f_dentry, file->f_vfsmnt); return 0; } else if (unlikely(!gr_tpe_allow(file) || !(mode & GR_EXEC))) { return 0; } else if (unlikely(mode & GR_EXEC && mode & GR_AUDIT_EXEC)) { - security_audit(GR_MPROTECT_ACL_MSG, "successful", - gr_to_filename(file->f_dentry, file->f_vfsmnt), - DEFAULTSECARGS); + gr_log_fs_rbac_generic(GR_DO_AUDIT, GR_MPROTECT_ACL_MSG, file->f_dentry, file->f_vfsmnt); return 1; } @@ -3372,8 +3346,6 @@ gr_acl_handle_psacct(struct task_struct __u8 whr, chr; __u8 wmin, cmin; __u8 wsec, csec; - char cur_tty[64] = { 0 }; - char parent_tty[64] = { 0 }; if (unlikely(!(gr_status & GR_READY) || !task->acl || !(task->acl->mode & GR_PROCACCT))) 
@@ -3397,19 +3369,7 @@ gr_acl_handle_psacct(struct task_struct cputime -= cmin * 60; csec = cputime; - security_audit(GR_ACL_PROCACCT_MSG, gr_task_fullpath(task), task->comm, - task->pid, NIPQUAD(task->curr_ip), tty_name(task->tty, - cur_tty), - task->uid, task->euid, task->gid, task->egid, wday, whr, - wmin, wsec, cday, chr, cmin, csec, - (task-> - flags & PF_SIGNALED) ? "killed by signal" : "exited", - code, gr_parent_task_fullpath(task), - task->p_pptr->comm, task->p_pptr->pid, - NIPQUAD(task->p_pptr->curr_ip), - tty_name(task->p_pptr->tty, parent_tty), - task->p_pptr->uid, task->p_pptr->euid, task->p_pptr->gid, - task->p_pptr->egid); + gr_log_procacct(GR_DO_AUDIT, GR_ACL_PROCACCT_MSG, task, wday, whr, wmin, wsec, cday, chr, cmin, csec, code); return; } Index: grsecurity/gracl_cap.c =================================================================== RCS file: /home/cvs/grsecurity2/grsecurity/gracl_cap.c,v retrieving revision 1.1 retrieving revision 1.2 diff -u -b -B -w -p -u -r1.1 -r1.2 --- grsecurity/gracl_cap.c 8 Aug 2004 12:02:41 -0000 1.1 +++ grsecurity/gracl_cap.c 8 Oct 2004 04:46:18 -0000 1.2 @@ -77,11 +77,7 @@ gr_task_is_capable(struct task_struct *t } if ((cap >= 0) && (cap < 29) && cap_raised(task->cap_effective, cap)) - security_alert(GR_CAP_ACL_MSG, captab_log[cap], - gr_task_fullpath(task), task->comm, task->pid, task->uid, task->euid, - task->gid, task->egid, gr_parent_task_fullpath(task), - task->p_pptr->comm, task->p_pptr->pid, task->p_pptr->uid, - task->p_pptr->euid, task->p_pptr->gid, task->p_pptr->egid); + gr_log_cap(GR_DONT_AUDIT, GR_CAP_ACL_MSG, task, captab_log[cap]); return 0; } Index: grsecurity/gracl_fs.c =================================================================== RCS file: /home/cvs/grsecurity2/grsecurity/gracl_fs.c,v retrieving revision 1.1 retrieving revision 1.2 diff -u -b -B -w -p -u -r1.1 -r1.2 --- grsecurity/gracl_fs.c 8 Aug 2004 12:02:41 -0000 1.1 +++ grsecurity/gracl_fs.c 8 Oct 2004 04:46:18 -0000 1.2 
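Review bot: The new `gr_log_cap(GR_DONT_AUDIT, GR_CAP_ACL_MSG, task, captab_log[cap])` in gracl_cap.c (hunk @@ -77) indexes captab_log under the context guard `(cap >= 0) && (cap < 29)`, where 29 is a literal that must be kept in step with the table by hand. If captab_log is an array defined in this file, `cap < (int)(sizeof(captab_log) / sizeof(captab_log[0]))` (or a named constant shared with the table) ties the bound to the table itself. The `if` body is a single unbraced statement immediately followed by `return 0;`, which reads at a glance as though both were conditional; braces around the call would remove that ambiguity. gr_task_is_capable starts outside the hunk.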
@@ -21,13 +21,10 @@ gr_acl_handle_hidden_file(const struct d gr_search_file(dentry, GR_FIND | GR_AUDIT_FIND | GR_SUPPRESS, mnt); if (unlikely(mode & GR_FIND && mode & GR_AUDIT_FIND)) { - security_audit(GR_HIDDEN_ACL_MSG, "successful", - gr_to_filename(dentry, mnt), DEFAULTSECARGS); + gr_log_fs_rbac_generic(GR_DO_AUDIT, GR_HIDDEN_ACL_MSG, dentry, mnt); return mode; } else if (unlikely(!(mode & GR_FIND) && !(mode & GR_SUPPRESS))) { - security_alert(GR_HIDDEN_ACL_MSG, "denied", - gr_to_filename(dentry, mnt), - DEFAULTSECARGS); + gr_log_fs_rbac_generic(GR_DONT_AUDIT, GR_HIDDEN_ACL_MSG, dentry, mnt); return 0; } else if (unlikely(!(mode & GR_FIND))) return 0; @@ -57,21 +54,18 @@ gr_acl_handle_open(const struct dentry * mnt); if (unlikely(((mode & reqmode) == reqmode) && mode & GR_AUDITS)) { - security_audit(GR_OPEN_ACL_MSG, "successful", - gr_to_filename(dentry, mnt), + gr_log_fs_rbac_mode2(GR_DO_AUDIT, GR_OPEN_ACL_MSG, dentry, mnt, reqmode & GR_READ ? " reading" : "", - reqmode & GR_WRITE ? " writing" : - reqmode & GR_APPEND ? " appending" : "", - DEFAULTSECARGS); + reqmode & GR_WRITE ? " writing" : reqmode & + GR_APPEND ? " appending" : ""); return reqmode; } else if (unlikely((mode & reqmode) != reqmode && !(mode & GR_SUPPRESS))) { - security_alert(GR_OPEN_ACL_MSG, "denied", - gr_to_filename(dentry, mnt), + gr_log_fs_rbac_mode2(GR_DONT_AUDIT, GR_OPEN_ACL_MSG, dentry, mnt, reqmode & GR_READ ? " reading" : "", reqmode & GR_WRITE ? " writing" : reqmode & - GR_APPEND ? " appending" : "", DEFAULTSECARGS); + GR_APPEND ? " appending" : ""); return 0; } else if (unlikely((mode & reqmode) != reqmode)) return 0; 
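Review bot: In the gr_acl_handle_open audit branch (hunk @@ -57) the new argument list splits the nested ternary as `reqmode & GR_WRITE ? " writing" : reqmode &` / `GR_APPEND ? " appending" : ""`, breaking the line between an operator and its operand and leaving the precedence of `&` against `?:` to the reader; the denied branch below it and both gr_acl_handle_creat branches at @@ -100 use the same layout. Parenthesising and breaking at the ternary instead keeps each condition whole: `(reqmode & GR_READ) ? " reading" : "",` / `(reqmode & GR_WRITE) ? " writing" : ((reqmode & GR_APPEND) ? " appending" : "")`. gr_acl_handle_open continues outside the hunk.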
@@ -100,21 +94,18 @@ gr_acl_handle_creat(const struct dentry reqmode | to_gr_audit(reqmode) | GR_SUPPRESS); if (unlikely(((mode & reqmode) == reqmode) && mode & GR_AUDITS)) { - security_audit(GR_CREATE_ACL_MSG, "successful", - gr_to_filename(dentry, p_mnt), + gr_log_fs_rbac_mode2(GR_DO_AUDIT, GR_CREATE_ACL_MSG, dentry, p_mnt, reqmode & GR_READ ? " reading" : "", - reqmode & GR_WRITE ? " writing" : - reqmode & GR_APPEND ? " appending" : "", - DEFAULTSECARGS); + reqmode & GR_WRITE ? " writing" : reqmode & + GR_APPEND ? " appending" : ""); return reqmode; } else if (unlikely((mode & reqmode) != reqmode && !(mode & GR_SUPPRESS))) { - security_alert(GR_CREATE_ACL_MSG, "denied", - gr_to_filename(dentry, p_mnt), + gr_log_fs_rbac_mode2(GR_DONT_AUDIT, GR_CREATE_ACL_MSG, dentry, p_mnt, reqmode & GR_READ ? " reading" : "", reqmode & GR_WRITE ? " writing" : reqmode & - GR_APPEND ? " appending" : "", DEFAULTSECARGS); + GR_APPEND ? " appending" : ""); return 0; } else if (unlikely((mode & reqmode) != reqmode)) return 0; @@ -140,22 +131,18 @@ gr_acl_handle_access(const struct dentry mnt); if (unlikely(((mode & reqmode) == reqmode) && mode & GR_AUDITS)) { - security_audit(GR_ACCESS_ACL_MSG, "successful", - gr_to_filename(dentry, mnt), + gr_log_fs_rbac_mode3(GR_DO_AUDIT, GR_ACCESS_ACL_MSG, dentry, mnt, reqmode & GR_READ ? " reading" : "", reqmode & GR_WRITE ? " writing" : "", - reqmode & GR_EXEC ? " executing" : "", - DEFAULTSECARGS); + reqmode & GR_EXEC ? " executing" : ""); return reqmode; } else if (unlikely((mode & reqmode) != reqmode && !(mode & GR_SUPPRESS))) { - security_alert(GR_ACCESS_ACL_MSG, "denied", - gr_to_filename(dentry, mnt), + gr_log_fs_rbac_mode3(GR_DONT_AUDIT, GR_ACCESS_ACL_MSG, dentry, mnt, reqmode & GR_READ ? " reading" : "", reqmode & GR_WRITE ? " writing" : "", - reqmode & GR_EXEC ? " executing" : "", - DEFAULTSECARGS); + reqmode & GR_EXEC ? " executing" : ""); return 0; } else if (unlikely((mode & reqmode) != reqmode)) return 0; 
@@ -163,48 +150,46 @@ gr_acl_handle_access(const struct dentry return reqmode; } -#define generic_fs_handler(dentry, mnt, reqmode, fmt) \ -{ \ - __u32 mode; \ - \ - mode = gr_search_file(dentry, reqmode | to_gr_audit(reqmode) | GR_SUPPRESS, mnt); \ - \ - if (unlikely(((mode & (reqmode)) == (reqmode)) && mode & GR_AUDITS)) { \ - security_audit(fmt, "successful", \ - gr_to_filename(dentry, mnt), DEFAULTSECARGS); \ - return mode; \ - } else if (unlikely((mode & (reqmode)) != (reqmode) && !(mode & GR_SUPPRESS))) { \ - security_alert(fmt, "denied", gr_to_filename(dentry, mnt), \ - DEFAULTSECARGS); \ - return 0; \ - } else if (unlikely((mode & (reqmode)) != (reqmode))) \ - return 0; \ - \ - return (reqmode); \ +static __u32 generic_fs_handler(const struct dentry *dentry, const struct vfsmount *mnt, __u32 reqmode, const char *fmt) +{ + __u32 mode; + + mode = gr_search_file(dentry, reqmode | to_gr_audit(reqmode) | GR_SUPPRESS, mnt); + + if (unlikely(((mode & (reqmode)) == (reqmode)) && mode & GR_AUDITS)) { + gr_log_fs_rbac_generic(GR_DO_AUDIT, fmt, dentry, mnt); + return mode; + } else if (unlikely((mode & (reqmode)) != (reqmode) && !(mode & GR_SUPPRESS))) { + gr_log_fs_rbac_generic(GR_DONT_AUDIT, fmt, dentry, mnt); + return 0; + } else if (unlikely((mode & (reqmode)) != (reqmode))) + return 0; + + return (reqmode); } __u32 gr_acl_handle_rmdir(const struct dentry * dentry, const struct vfsmount * mnt) { - generic_fs_handler(dentry, mnt, GR_WRITE | GR_DELETE , GR_RMDIR_ACL_MSG); + return generic_fs_handler(dentry, mnt, GR_WRITE | GR_DELETE , GR_RMDIR_ACL_MSG); } __u32 gr_acl_handle_unlink(const struct dentry *dentry, const struct vfsmount *mnt) { - generic_fs_handler(dentry, mnt, GR_WRITE | GR_DELETE , GR_UNLINK_ACL_MSG); + return generic_fs_handler(dentry, mnt, GR_WRITE | GR_DELETE , GR_UNLINK_ACL_MSG); } __u32 gr_acl_handle_truncate(const struct dentry *dentry, const struct vfsmount *mnt) { - generic_fs_handler(dentry, mnt, GR_WRITE, GR_TRUNCATE_ACL_MSG); + return 
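Review bot: The new static generic_fs_handler has no comment stating its return contract, which is not obvious: the audited-success branch returns the full `mode` from gr_search_file (carrying the audit bits), the silent-success path returns `reqmode`, and both denial paths return 0 — and callers such as gr_acl_handle_rmdir now hand that value straight back. Suggest a header comment along the lines of `/* Returns 0 when reqmode is not fully granted (logging the denial unless GR_SUPPRESS is set), reqmode when granted silently, or the raw gr_search_file mode when granted and audited. */`. The macro-era parentheses in `(mode & (reqmode)) == (reqmode)` and `return (reqmode);` are no longer needed now that reqmode is a parameter, and `mode` can be declared at its initialisation: `__u32 mode = gr_search_file(dentry, reqmode | to_gr_audit(reqmode) | GR_SUPPRESS, mnt);`. The same applies to generic_fs_create_handler at @@ -330.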
generic_fs_handler(dentry, mnt, GR_WRITE, GR_TRUNCATE_ACL_MSG); } __u32 gr_acl_handle_utime(const struct dentry *dentry, const struct vfsmount *mnt) { - generic_fs_handler(dentry, mnt, GR_WRITE, GR_ATIME_ACL_MSG); + return generic_fs_handler(dentry, mnt, GR_WRITE, GR_ATIME_ACL_MSG); } __u32 @@ -215,10 +200,10 @@ gr_acl_handle_fchmod(const struct dentry return 1; if (unlikely((mode != (mode_t)-1) && (mode & (S_ISUID | S_ISGID)))) { - generic_fs_handler(dentry, mnt, GR_WRITE | GR_SETID, + return generic_fs_handler(dentry, mnt, GR_WRITE | GR_SETID, GR_FCHMOD_ACL_MSG); } else { - generic_fs_handler(dentry, mnt, GR_WRITE, GR_FCHMOD_ACL_MSG); + return generic_fs_handler(dentry, mnt, GR_WRITE, GR_FCHMOD_ACL_MSG); } } @@ -227,29 +212,29 @@ gr_acl_handle_chmod(const struct dentry mode_t mode) { if (unlikely((mode != (mode_t)-1) && (mode & (S_ISUID | S_ISGID)))) { - generic_fs_handler(dentry, mnt, GR_WRITE | GR_SETID, + return generic_fs_handler(dentry, mnt, GR_WRITE | GR_SETID, GR_CHMOD_ACL_MSG); } else { - generic_fs_handler(dentry, mnt, GR_WRITE, GR_CHMOD_ACL_MSG); + return generic_fs_handler(dentry, mnt, GR_WRITE, GR_CHMOD_ACL_MSG); } } __u32 gr_acl_handle_chown(const struct dentry *dentry, const struct vfsmount *mnt) { - generic_fs_handler(dentry, mnt, GR_WRITE, GR_CHOWN_ACL_MSG); + return generic_fs_handler(dentry, mnt, GR_WRITE, GR_CHOWN_ACL_MSG); } __u32 gr_acl_handle_execve(const struct dentry *dentry, const struct vfsmount *mnt) { - generic_fs_handler(dentry, mnt, GR_EXEC, GR_EXEC_ACL_MSG); + return generic_fs_handler(dentry, mnt, GR_EXEC, GR_EXEC_ACL_MSG); } __u32 gr_acl_handle_unix(const struct dentry *dentry, const struct vfsmount *mnt) { - generic_fs_handler(dentry, mnt, GR_READ | GR_WRITE, + return generic_fs_handler(dentry, mnt, GR_READ | GR_WRITE, GR_UNIXCONNECT_ACL_MSG); } 
@@ -286,14 +271,10 @@ gr_acl_handle_link(const struct dentry * old_mnt); if (unlikely(((mode & needmode) == needmode) && mode & GR_AUDITS)) { - security_audit(GR_LINK_ACL_MSG, "successful", - gr_to_filename(old_dentry, old_mnt), to, - DEFAULTSECARGS); + gr_log_fs_rbac_str(GR_DO_AUDIT, GR_LINK_ACL_MSG, old_dentry, old_mnt, to); return mode; } else if (unlikely(((mode & needmode) != needmode) && !(mode & GR_SUPPRESS))) { - security_alert(GR_LINK_ACL_MSG, "denied", - gr_to_filename(old_dentry, old_mnt), to, - DEFAULTSECARGS); + gr_log_fs_rbac_str(GR_DONT_AUDIT, GR_LINK_ACL_MSG, old_dentry, old_mnt, to); return 0; } else if (unlikely((mode & needmode) != needmode)) return 0; @@ -315,14 +296,10 @@ gr_acl_handle_symlink(const struct dentr GR_WRITE | GR_AUDIT_WRITE | GR_SUPPRESS); if (unlikely(mode & GR_WRITE && mode & GR_AUDITS)) { - security_audit(GR_SYMLINK_ACL_MSG, "successful", - from, gr_to_filename(new_dentry, parent_mnt), - DEFAULTSECARGS); + gr_log_fs_str_rbac(GR_DO_AUDIT, GR_SYMLINK_ACL_MSG, from, new_dentry, parent_mnt); return mode; } else if (unlikely(((mode & needmode) != needmode) && !(mode & GR_SUPPRESS))) { - security_alert(GR_SYMLINK_ACL_MSG, "denied", - from, gr_to_filename(new_dentry, parent_mnt), - DEFAULTSECARGS); + gr_log_fs_str_rbac(GR_DONT_AUDIT, GR_SYMLINK_ACL_MSG, from, new_dentry, parent_mnt); return 0; } else if (unlikely((mode & needmode) != needmode)) return 0; 
@@ -330,26 +307,22 @@ gr_acl_handle_symlink(const struct dentr return (GR_WRITE | GR_CREATE); } -#define generic_fs_create_handler(new_dentry, parent_dentry, parent_mnt, reqmode, fmt) \ -{ \ - __u32 mode; \ - \ - mode = gr_check_create(new_dentry, parent_dentry, parent_mnt, reqmode | to_gr_audit(reqmode) | GR_SUPPRESS); \ - \ - if (unlikely(((mode & (reqmode)) == (reqmode)) && mode & GR_AUDITS)) { \ - security_audit(fmt, "successful", \ - gr_to_filename(new_dentry, parent_mnt), \ - DEFAULTSECARGS); \ - return mode; \ - } else if (unlikely((mode & (reqmode)) != (reqmode) && !(mode & GR_SUPPRESS))) { \ - security_alert(fmt, "denied", \ - gr_to_filename(new_dentry, parent_mnt), \ - DEFAULTSECARGS); \ - return 0; \ - } else if (unlikely((mode & (reqmode)) != (reqmode))) \ - return 0; \ - \ - return (reqmode); \ +static __u32 generic_fs_create_handler(const struct dentry *new_dentry, const struct dentry *parent_dentry, const struct vfsmount *parent_mnt, __u32 reqmode, const char *fmt) +{ + __u32 mode; + + mode = gr_check_create(new_dentry, parent_dentry, parent_mnt, reqmode | to_gr_audit(reqmode) | GR_SUPPRESS); + + if (unlikely(((mode & (reqmode)) == (reqmode)) && mode & GR_AUDITS)) { + gr_log_fs_rbac_generic(GR_DO_AUDIT, fmt, new_dentry, parent_mnt); + return mode; + } else if (unlikely((mode & (reqmode)) != (reqmode) && !(mode & GR_SUPPRESS))) { + gr_log_fs_rbac_generic(GR_DONT_AUDIT, fmt, new_dentry, parent_mnt); + return 0; + } else if (unlikely((mode & (reqmode)) != (reqmode))) + return 0; + + return (reqmode); } __u32 @@ -362,7 +335,7 @@ gr_acl_handle_mknod(const struct dentry if (unlikely(mode & (S_ISUID | S_ISGID))) reqmode |= GR_SETID; - generic_fs_create_handler(new_dentry, parent_dentry, parent_mnt, + return generic_fs_create_handler(new_dentry, parent_dentry, parent_mnt, reqmode, GR_MKNOD_ACL_MSG); } 
@@ -371,7 +344,7 @@ gr_acl_handle_mkdir(const struct dentry const struct dentry *parent_dentry, const struct vfsmount *parent_mnt) { - generic_fs_create_handler(new_dentry, parent_dentry, parent_mnt, + return generic_fs_create_handler(new_dentry, parent_dentry, parent_mnt, GR_WRITE | GR_CREATE, GR_MKDIR_ACL_MSG); } @@ -419,14 +392,10 @@ gr_acl_handle_rename(struct dentry *new_ if (RENAME_CHECK_SUCCESS(comp1, comp2) && ((comp1 & GR_AUDITS) || (comp2 & GR_AUDITS))) - security_audit(GR_RENAME_ACL_MSG, "successful", - gr_to_filename(old_dentry, old_mnt), - newname, DEFAULTSECARGS); + gr_log_fs_rbac_str(GR_DO_AUDIT, GR_RENAME_ACL_MSG, old_dentry, old_mnt, newname); else if (!RENAME_CHECK_SUCCESS(comp1, comp2) && !(comp1 & GR_SUPPRESS) && !(comp2 & GR_SUPPRESS)) { - security_alert(GR_RENAME_ACL_MSG, "denied", - gr_to_filename(old_dentry, old_mnt), newname, - DEFAULTSECARGS); + gr_log_fs_rbac_str(GR_DONT_AUDIT, GR_RENAME_ACL_MSG, old_dentry, old_mnt, newname); error = -EACCES; } else if (unlikely(!RENAME_CHECK_SUCCESS(comp1, comp2))) error = -EACCES; @@ -451,8 +420,7 @@ gr_acl_handle_exit(void) id = current->acl_role_id; rolename = current->role->rolename; gr_set_acls(1); - security_alert_good(GR_SPROLEL_ACL_MSG, - rolename, id, DEFAULTSECARGS); + gr_log_str_int(GR_DONT_AUDIT_GOOD, GR_SPROLEL_ACL_MSG, rolename, id); } write_lock(&grsec_exec_file_lock); Index: grsecurity/gracl_ip.c =================================================================== RCS file: /home/cvs/grsecurity2/grsecurity/gracl_ip.c,v retrieving revision 1.1 retrieving revision 1.2 diff -u -b -B -w -p -u -r1.1 -r1.2 --- grsecurity/gracl_ip.c 8 Aug 2004 12:02:41 -0000 1.1 +++ grsecurity/gracl_ip.c 8 Oct 2004 04:46:18 -0000 1.2 
@@ -127,8 +127,8 @@ gr_search_socket(const int domain, const goto exit; } - security_alert(GR_SOCK_MSG, "inet", gr_socktype_to_name(type), - gr_proto_to_name(protocol), DEFAULTSECARGS); + gr_log_str3(GR_DONT_AUDIT, GR_SOCK_MSG, "inet", + gr_socktype_to_name(type), gr_proto_to_name(protocol)); return 0; exit: @@ -182,13 +182,9 @@ gr_search_connectbind(const int mode, co } if (mode == GR_BIND) - security_alert(GR_BIND_ACL_MSG, NIPQUAD(ip_addr), ip_port, - gr_socktype_to_name(type), gr_proto_to_name(sk->protocol), - DEFAULTSECARGS); + gr_log_int5_str2(GR_DONT_AUDIT, GR_BIND_ACL_MSG, NIPQUAD(ip_addr), ip_port, gr_socktype_to_name(type), gr_proto_to_name(sk->protocol)); else if (mode == GR_CONNECT) - security_alert(GR_CONNECT_ACL_MSG, NIPQUAD(ip_addr), ip_port, - gr_socktype_to_name(type), gr_proto_to_name(sk->protocol), - DEFAULTSECARGS); + gr_log_int5_str2(GR_DONT_AUDIT, GR_CONNECT_ACL_MSG, NIPQUAD(ip_addr), ip_port, gr_socktype_to_name(type), gr_proto_to_name(sk->protocol)); return 0; } Index: grsecurity/gracl_res.c =================================================================== RCS file: /home/cvs/grsecurity2/grsecurity/gracl_res.c,v retrieving revision 1.1 retrieving revision 1.2 diff -u -b -B -w -p -u -r1.1 -r1.2 --- grsecurity/gracl_res.c 8 Aug 2004 12:02:41 -0000 1.1 +++ grsecurity/gracl_res.c 8 Oct 2004 04:46:18 -0000 1.2 @@ -19,7 +19,7 @@ static const char *restab_log[11] = { "RLIMIT_LOCKS" }; -__inline__ void +void gr_log_resource(const struct task_struct *task, const int res, const unsigned long wanted, const int gt) { 
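Review bot: In gr_search_connectbind (hunk @@ -182) the new `gr_log_int5_str2(GR_DONT_AUDIT, GR_BIND_ACL_MSG, NIPQUAD(ip_addr), ip_port, ...)` reaches the helper's fixed arity of five ints only because the NIPQUAD macro expands to four arguments, which nothing at the call site tells the reader, and each of the two calls is a single 170-plus-character line. Suggest wrapping the argument list and noting the expansion once above the first call: `/* NIPQUAD() expands to 4 ints; with ip_port that is the helper's "int5" */`. The `if` / `else if` bodies are single unbraced statements, which with lines this long is easy to misread; braces would help. gr_search_connectbind starts outside the hunk.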
@@ -31,16 +31,7 @@ gr_log_resource(const struct task_struct if (unlikely(((gt && wanted > task->rlim[res].rlim_cur) || (!gt && wanted >= task->rlim[res].rlim_cur)) && task->rlim[res].rlim_cur != RLIM_INFINITY)) - security_alert(GR_RESOURCE_MSG, wanted, restab_log[res], - task->rlim[res].rlim_cur, - gr_task_fullpath(task), task->comm, - task->pid, task->uid, task->euid, - task->gid, task->egid, - gr_parent_task_fullpath(task), - task->p_pptr->comm, - task->p_pptr->pid, task->p_pptr->uid, - task->p_pptr->euid, task->p_pptr->gid, - task->p_pptr->egid); + gr_log_res_ulong2_str(GR_DONT_AUDIT, GR_RESOURCE_MSG, task, wanted, restab_log[res], task->rlim[res].rlim_cur); return; } Index: grsecurity/gracl_segv.c =================================================================== RCS file: /home/cvs/grsecurity2/grsecurity/gracl_segv.c,v retrieving revision 1.1 retrieving revision 1.2 diff -u -b -B -w -p -u -r1.1 -r1.2 --- grsecurity/gracl_segv.c 8 Aug 2004 12:02:41 -0000 1.1 +++ grsecurity/gracl_segv.c 8 Oct 2004 04:46:18 -0000 1.2 @@ -217,16 +217,7 @@ gr_handle_crash(struct task_struct *task if ((curr->crashes >= curr->res[GR_CRASH_RES].rlim_cur) && time_after(curr->expires, jiffies)) { if (task->uid && proc_is_setxid(task)) { - security_alert(GR_SEGVSTART_ACL_MSG, - gr_task_fullpath(task), task->comm, - task->pid, task->uid, task->euid, - task->gid, task->egid, - gr_parent_task_fullpath(task), - task->p_pptr->comm, task->p_pptr->pid, - task->p_pptr->uid, task->p_pptr->euid, - task->p_pptr->gid, task->p_pptr->egid, - task->uid, - curr->res[GR_CRASH_RES].rlim_max / HZ); + gr_log_crash1(GR_DONT_AUDIT, GR_SEGVSTART_ACL_MSG, task, curr->res[GR_CRASH_RES].rlim_max / HZ); write_lock(&gr_uid_lock); gr_insert_uid(task->uid, curr->expires); write_unlock(&gr_uid_lock); 
@@ -239,16 +230,7 @@ gr_handle_crash(struct task_struct *task } read_unlock(&tasklist_lock); } else { - security_alert(GR_SEGVNOSUID_ACL_MSG, - gr_task_fullpath(task), task->comm, - task->pid, task->uid, task->euid, - task->gid, task->egid, - gr_parent_task_fullpath(task), - task->p_pptr->comm, task->p_pptr->pid, - task->p_pptr->uid, task->p_pptr->euid, - task->p_pptr->gid, task->p_pptr->egid, - kdevname(curr->device), curr->inode, - curr->res[GR_CRASH_RES].rlim_max / HZ); + gr_log_crash2(GR_DONT_AUDIT, GR_SEGVNOSUID_ACL_MSG, task, kdevname(curr->device), curr->inode, curr->res[GR_CRASH_RES].rlim_max / HZ); read_lock(&tasklist_lock); for_each_task(tsk) { if (likely(tsk != task)) { Index: grsecurity/gracl_shm.c =================================================================== RCS file: /home/cvs/grsecurity2/grsecurity/gracl_shm.c,v retrieving revision 1.1 retrieving revision 1.2 diff -u -b -B -w -p -u -r1.1 -r1.2 --- grsecurity/gracl_shm.c 8 Aug 2004 12:02:41 -0000 1.1 +++ grsecurity/gracl_shm.c 8 Oct 2004 04:46:18 -0000 1.2 @@ -27,8 +27,7 @@ gr_handle_shmat(const pid_t shm_cprid, c (task->pid == shm_lapid)) && (task->acl->mode & GR_PROTSHM) && (task->acl != current->acl))) { - security_alert(GR_SHMAT_ACL_MSG, cuid, shm_cprid, shmid, - DEFAULTSECARGS); + gr_log_int3(GR_DONT_AUDIT, GR_SHMAT_ACL_MSG, cuid, shm_cprid, shmid); return 0; } Index: grsecurity/grsec_chdir.c =================================================================== RCS file: /home/cvs/grsecurity2/grsecurity/grsec_chdir.c,v retrieving revision 1.1 retrieving revision 1.2 diff -u -b -B -w -p -u -r1.1 -r1.2 --- grsecurity/grsec_chdir.c 8 Aug 2004 12:02:41 -0000 1.1 +++ grsecurity/grsec_chdir.c 8 Oct 2004 04:46:18 -0000 1.2 
@@ -12,8 +12,7 @@ gr_log_chdir(const struct dentry *dentry if ((grsec_enable_chdir && grsec_enable_group && in_group_p(grsec_audit_gid)) || (grsec_enable_chdir && !grsec_enable_group)) { - security_audit(GR_CHDIR_AUDIT_MSG, gr_to_filename(dentry, mnt), - DEFAULTSECARGS); + gr_log_fs_generic(GR_DO_AUDIT, GR_CHDIR_AUDIT_MSG, dentry, mnt); } #endif return; Index: grsecurity/grsec_chroot.c =================================================================== RCS file: /home/cvs/grsecurity2/grsecurity/grsec_chroot.c,v retrieving revision 1.1 retrieving revision 1.2 diff -u -b -B -w -p -u -r1.1 -r1.2 --- grsecurity/grsec_chroot.c 8 Aug 2004 12:02:41 -0000 1.1 +++ grsecurity/grsec_chroot.c 8 Oct 2004 04:46:18 -0000 1.2 @@ -28,7 +28,7 @@ gr_handle_chroot_unix(const pid_t pid) if (!have_same_root(current, p)) { task_unlock(p); read_unlock(&tasklist_lock); - security_alert(GR_UNIX_CHROOT_MSG, DEFAULTSECARGS); + gr_log_noargs(GR_DONT_AUDIT, GR_UNIX_CHROOT_MSG); return 0; } task_unlock(p); @@ -44,7 +44,7 @@ gr_handle_chroot_nice(void) { #ifdef CONFIG_GRKERNSEC_CHROOT_NICE if (grsec_enable_chroot_nice && proc_is_chrooted(current)) { - security_alert(GR_NICE_CHROOT_MSG, DEFAULTSECARGS); + gr_log_noargs(GR_DONT_AUDIT, GR_NICE_CHROOT_MSG); return -EPERM; } #endif @@ -57,8 +57,7 @@ gr_handle_chroot_setpriority(const struc #ifdef CONFIG_GRKERNSEC_CHROOT_NICE if (grsec_enable_chroot_nice && (niceval < p->nice) && proc_is_chrooted(current)) { - security_alert(GR_PRIORITY_CHROOT_MSG, p->comm, p->pid, - DEFAULTSECARGS); + gr_log_str_int(GR_DONT_AUDIT, GR_PRIORITY_CHROOT_MSG, p->comm, p->pid); return -EACCES; } #endif @@ -74,8 +73,7 @@ gr_handle_chroot_capset(struct task_stru task_lock(target); if (!have_same_root(current, target)) { task_unlock(target); - security_alert(GR_CAPSET_CHROOT_MSG, target->comm, target->pid, - DEFAULTSECARGS); + gr_log_str_int(GR_DONT_AUDIT, GR_CAPSET_CHROOT_MSG, target->comm, target->pid); return 1; } task_unlock(target); 
@@ -174,9 +172,7 @@ gr_chroot_fchdir(struct dentry *u_dentry if (!proc_is_chrooted(current)) return 1; else if (!gr_is_outside_chroot(u_dentry, u_mnt)) { - security_alert(GR_CHROOT_FCHDIR_MSG, - gr_to_filename(u_dentry, u_mnt), - DEFAULTSECARGS); + gr_log_fs_generic(GR_DONT_AUDIT, GR_CHROOT_FCHDIR_MSG, u_dentry, u_mnt); return 0; } #endif @@ -208,7 +204,7 @@ gr_chroot_shmat(const pid_t shm_cprid, c (p->start_time < shm_createtime)) { task_unlock(p); read_unlock(&tasklist_lock); - security_alert(GR_SHMAT_CHROOT_MSG, DEFAULTSECARGS); + gr_log_noargs(GR_DONT_AUDIT, GR_SHMAT_CHROOT_MSG); return 0; } task_unlock(p); @@ -222,7 +218,7 @@ gr_chroot_shmat(const pid_t shm_cprid, c if (!have_same_root(current, p)) { task_unlock(p); read_unlock(&tasklist_lock); - security_alert(GR_SHMAT_CHROOT_MSG, DEFAULTSECARGS); + gr_log_noargs(GR_DONT_AUDIT, GR_SHMAT_CHROOT_MSG); return 0; } task_unlock(p); @@ -239,8 +235,7 @@ gr_log_chroot_exec(const struct dentry * { #ifdef CONFIG_GRKERNSEC_CHROOT_EXECLOG if (grsec_enable_chroot_execlog && proc_is_chrooted(current)) - security_audit(GR_EXEC_CHROOT_MSG, gr_to_filename(dentry, mnt), - DEFAULTSECARGS); + gr_log_fs_generic(GR_DO_AUDIT, GR_EXEC_CHROOT_MSG, dentry, mnt); #endif return; } @@ -252,8 +247,7 @@ gr_handle_chroot_mknod(const struct dent #ifdef CONFIG_GRKERNSEC_CHROOT_MKNOD if (grsec_enable_chroot_mknod && !S_ISFIFO(mode) && !S_ISREG(mode) && proc_is_chrooted(current)) { - security_alert(GR_MKNOD_CHROOT_MSG, - gr_to_filename(dentry, mnt), DEFAULTSECARGS); + gr_log_fs_generic(GR_DONT_AUDIT, GR_MKNOD_CHROOT_MSG, dentry, mnt); return -EPERM; } #endif @@ -266,8 +260,7 @@ gr_handle_chroot_mount(const struct dent { #ifdef CONFIG_GRKERNSEC_CHROOT_MOUNT if (grsec_enable_chroot_mount && proc_is_chrooted(current)) { - security_alert(GR_MOUNT_CHROOT_MSG, dev_name, - gr_to_filename(dentry, mnt), DEFAULTSECARGS); + gr_log_str_fs(GR_DONT_AUDIT, GR_MOUNT_CHROOT_MSG, dev_name, dentry, mnt); return -EPERM; } #endif 
@@ -279,7 +272,7 @@ gr_handle_chroot_pivot(void) { #ifdef CONFIG_GRKERNSEC_CHROOT_PIVOT if (grsec_enable_chroot_pivot && proc_is_chrooted(current)) { - security_alert(GR_PIVOT_CHROOT_MSG, DEFAULTSECARGS); + gr_log_noargs(GR_DONT_AUDIT, GR_PIVOT_CHROOT_MSG); return -EPERM; } #endif @@ -292,8 +285,7 @@ gr_handle_chroot_chroot(const struct den #ifdef CONFIG_GRKERNSEC_CHROOT_DOUBLE if (grsec_enable_chroot_double && proc_is_chrooted(current) && !gr_is_outside_chroot(dentry, mnt)) { - security_alert(GR_CHROOT_CHROOT_MSG, - gr_to_filename(dentry, mnt), DEFAULTSECARGS); + gr_log_fs_generic(GR_DONT_AUDIT, GR_CHROOT_CHROOT_MSG, dentry, mnt); return -EPERM; } #endif @@ -345,8 +337,7 @@ gr_handle_chroot_chmod(const struct dent if (grsec_enable_chroot_chmod && ((mode & S_ISUID) || ((mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP))) && proc_is_chrooted(current)) { - security_alert(GR_CHMOD_CHROOT_MSG, - gr_to_filename(dentry, mnt), DEFAULTSECARGS); + gr_log_fs_generic(GR_DONT_AUDIT, GR_CHMOD_CHROOT_MSG, dentry, mnt); return -EPERM; } #endif Index: grsecurity/grsec_exec.c =================================================================== RCS file: /home/cvs/grsecurity2/grsecurity/grsec_exec.c,v retrieving revision 1.1 retrieving revision 1.2 diff -u -b -B -w -p -u -r1.1 -r1.2 --- grsecurity/grsec_exec.c 8 Aug 2004 12:02:41 -0000 1.1 +++ grsecurity/grsec_exec.c 8 Oct 2004 04:46:18 -0000 1.2 @@ -17,7 +17,7 @@ gr_handle_nproc(void) (atomic_read(¤t->user->processes) > current->rlim[RLIMIT_NPROC].rlim_cur) && !capable(CAP_SYS_ADMIN) && !capable(CAP_SYS_RESOURCE)) { - security_alert(GR_NPROC_MSG, DEFAULTSECARGS); + gr_log_noargs(GR_DONT_AUDIT, GR_NPROC_MSG); return -EAGAIN; } #endif 
@@ -62,9 +62,8 @@ gr_handle_exec_args(struct linux_binprm } log: - security_audit(GR_EXEC_AUDIT_MSG, gr_to_filename(bprm->file->f_dentry, - bprm->file->f_vfsmnt), - grarg, DEFAULTSECARGS); + gr_log_fs_str(GR_DO_AUDIT, GR_EXEC_AUDIT_MSG, bprm->file->f_dentry, + bprm->file->f_vfsmnt, grarg); #endif return; } Index: grsecurity/grsec_fifo.c =================================================================== RCS file: /home/cvs/grsecurity2/grsecurity/grsec_fifo.c,v retrieving revision 1.1 retrieving revision 1.2 diff -u -b -B -w -p -u -r1.1 -r1.2 --- grsecurity/grsec_fifo.c 8 Aug 2004 12:02:41 -0000 1.1 +++ grsecurity/grsec_fifo.c 8 Oct 2004 04:46:18 -0000 1.2 @@ -14,9 +14,7 @@ gr_handle_fifo(const struct dentry *dent (dentry->d_inode->i_uid != dir->d_inode->i_uid) && (current->fsuid != dentry->d_inode->i_uid)) { if (!permission(dentry->d_inode, acc_mode)) - security_alert(GR_FIFO_MSG, gr_to_filename(dentry, mnt), - dentry->d_inode->i_uid, - dentry->d_inode->i_gid, DEFAULTSECARGS); + gr_log_fs_int2(GR_DONT_AUDIT, GR_FIFO_MSG, dentry, mnt, dentry->d_inode->i_uid, dentry->d_inode->i_gid); return -EACCES; } #endif Index: grsecurity/grsec_fork.c =================================================================== RCS file: /home/cvs/grsecurity2/grsecurity/grsec_fork.c,v retrieving revision 1.1 retrieving revision 1.2 diff -u -b -B -w -p -u -r1.1 -r1.2 --- grsecurity/grsec_fork.c 8 Aug 2004 12:02:41 -0000 1.1 +++ grsecurity/grsec_fork.c 8 Oct 2004 04:46:18 -0000 1.2 
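Review bot: In `gr_handle_fifo` the new `gr_log_fs_int2(...)` call sits under an unbraced `if (!permission(dentry->d_inode, acc_mode))` while the `return -EACCES;` that follows is unconditional, so the open is refused either way and only the case where ordinary DAC would have allowed it gets logged. That looks deliberate (it keeps opens that DAC would reject anyway out of the alert log), but the shape reads like a missing brace and the commit does not explain it. A one-line comment above the `if`, e.g. `/* alert only when DAC would have permitted the open; the denial itself is unconditional */`, would stop the next reader from "fixing" it. gr_handle_fifo's signature and the start of its condition are outside the hunk.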
@@ -8,7 +8,7 @@ gr_log_forkfail(const int retval) { #ifdef CONFIG_GRKERNSEC_FORKFAIL if (grsec_enable_forkfail) - security_alert(GR_FAILFORK_MSG, retval, DEFAULTSECARGS); + gr_log_int(GR_DONT_AUDIT, GR_FAILFORK_MSG, retval); #endif return; } Index: grsecurity/grsec_init.c =================================================================== RCS file: /home/cvs/grsecurity2/grsecurity/grsec_init.c,v retrieving revision 1.2 retrieving revision 1.3 diff -u -b -B -w -p -u -r1.2 -r1.3 --- grsecurity/grsec_init.c 31 Aug 2004 22:42:56 -0000 1.2 +++ grsecurity/grsec_init.c 8 Oct 2004 04:46:18 -0000 1.3 @@ -59,6 +59,12 @@ spinlock_t grsec_audit_lock = SPIN_LOCK_ rwlock_t grsec_exec_file_lock = RW_LOCK_UNLOCKED; char *gr_shared_page[4][NR_CPUS]; + +char *gr_alert_log_fmt; +char *gr_audit_log_fmt; +char *gr_alert_log_buf; +char *gr_audit_log_buf; + extern struct gr_arg *gr_usermode; extern unsigned char *gr_system_salt; extern unsigned char *gr_system_sum; 
@@ -79,6 +85,28 @@ grsecurity_init(void) } } + /* allocate log buffers */ + gr_alert_log_fmt = kmalloc(512, GFP_KERNEL); + if (!gr_alert_log_fmt) { + panic("Unable to allocate grsecurity alert log format buffer"); + return; + } + gr_audit_log_fmt = kmalloc(512, GFP_KERNEL); + if (!gr_audit_log_fmt) { + panic("Unable to allocate grsecurity audit log format buffer"); + return; + } + gr_alert_log_buf = (char *) get_zeroed_page(GFP_KERNEL); + if (!gr_alert_log_buf) { + panic("Unable to allocate grsecurity alert log buffer"); + return; + } + gr_audit_log_buf = (char *) get_zeroed_page(GFP_KERNEL); + if (!gr_audit_log_buf) { + panic("Unable to allocate grsecurity audit log buffer"); + return; + } + /* allocate memory for authentication structure */ gr_usermode = kmalloc(sizeof(struct gr_arg), GFP_KERNEL); gr_system_salt = kmalloc(GR_SALT_LEN, GFP_KERNEL); Index: grsecurity/grsec_ipc.c =================================================================== RCS file: /home/cvs/grsecurity2/grsecurity/grsec_ipc.c,v retrieving revision 1.1 retrieving revision 1.2 diff -u -b -B -w -p -u -r1.1 -r1.2 --- grsecurity/grsec_ipc.c 8 Aug 2004 12:02:41 -0000 1.1 +++ grsecurity/grsec_ipc.c 8 Oct 2004 04:46:18 -0000 1.2 @@ -13,7 +13,7 @@ gr_log_msgget(const int ret, const int m grsec_enable_audit_ipc) || (grsec_enable_audit_ipc && !grsec_enable_group)) && (ret >= 0) && (msgflg & IPC_CREAT)) - security_audit(GR_MSGQ_AUDIT_MSG, DEFAULTSECARGS); + gr_log_noargs(GR_DO_AUDIT, GR_MSGQ_AUDIT_MSG); #endif return; } @@ -25,7 +25,7 @@ gr_log_msgrm(const uid_t uid, const uid_ if ((grsec_enable_group && in_group_p(grsec_audit_gid) && grsec_enable_audit_ipc) || (grsec_enable_audit_ipc && !grsec_enable_group)) - security_audit(GR_MSGQR_AUDIT_MSG, uid, cuid, DEFAULTSECARGS); + gr_log_int_int(GR_DO_AUDIT, GR_MSGQR_AUDIT_MSG, uid, cuid); #endif return; } 
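Review bot: Each `return;` after a `panic()` in the new log-buffer allocation block is dead code, since `panic()` does not return to its caller; the four identical kmalloc/check/panic sequences would also collapse cleanly into one small static helper, but at minimum the dead returns should go. The `512` used for `gr_alert_log_fmt` and `gr_audit_log_fmt` is a bare magic number, and nothing ties it to the `sprintf(fmt, ...)` writes that fill those buffers in grsec_log.c; a named constant such as `#define GR_LOG_FMT_LEN 512` used at both the allocation and the formatting site would make the bound checkable. grsecurity_init's body continues outside the hunk.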
@@ -38,7 +38,7 @@ gr_log_semget(const int err, const int s grsec_enable_audit_ipc) || (grsec_enable_audit_ipc && !grsec_enable_group)) && (err >= 0) && (semflg & IPC_CREAT)) - security_audit(GR_SEM_AUDIT_MSG, DEFAULTSECARGS); + gr_log_noargs(GR_DO_AUDIT, GR_SEM_AUDIT_MSG); #endif return; } @@ -50,7 +50,7 @@ gr_log_semrm(const uid_t uid, const uid_ if ((grsec_enable_group && in_group_p(grsec_audit_gid) && grsec_enable_audit_ipc) || (grsec_enable_audit_ipc && !grsec_enable_group)) - security_audit(GR_SEMR_AUDIT_MSG, uid, cuid, DEFAULTSECARGS); + gr_log_int_int(GR_DO_AUDIT, GR_SEMR_AUDIT_MSG, uid, cuid); #endif return; } @@ -63,7 +63,7 @@ gr_log_shmget(const int err, const int s grsec_enable_audit_ipc) || (grsec_enable_audit_ipc && !grsec_enable_group)) && (err >= 0) && (shmflg & IPC_CREAT)) - security_audit(GR_SHM_AUDIT_MSG, size, DEFAULTSECARGS); + gr_log_int(GR_DO_AUDIT, GR_SHM_AUDIT_MSG, size); #endif return; } @@ -75,7 +75,7 @@ gr_log_shmrm(const uid_t uid, const uid_ if ((grsec_enable_group && in_group_p(grsec_audit_gid) && grsec_enable_audit_ipc) || (grsec_enable_audit_ipc && !grsec_enable_group)) - security_audit(GR_SHMR_AUDIT_MSG, uid, cuid, DEFAULTSECARGS); + gr_log_int_int(GR_DO_AUDIT, GR_SHMR_AUDIT_MSG, uid, cuid); #endif return; } Index: grsecurity/grsec_link.c =================================================================== RCS file: /home/cvs/grsecurity2/grsecurity/grsec_link.c,v retrieving revision 1.1 retrieving revision 1.2 diff -u -b -B -w -p -u -r1.1 -r1.2 --- grsecurity/grsec_link.c 8 Aug 2004 12:02:41 -0000 1.1 +++ grsecurity/grsec_link.c 8 Oct 2004 04:46:18 -0000 1.2 
@@ -13,8 +13,7 @@ gr_handle_follow_link(const struct inode if (grsec_enable_link && S_ISLNK(inode->i_mode) && (parent->i_mode & S_ISVTX) && (parent->i_uid != inode->i_uid) && (parent->i_mode & S_IWOTH) && (current->fsuid != inode->i_uid)) { - security_alert(GR_SYMLINK_MSG, gr_to_filename(dentry, mnt), - inode->i_uid, inode->i_gid, DEFAULTSECARGS); + gr_log_fs_int2(GR_DONT_AUDIT, GR_SYMLINK_MSG, dentry, mnt, inode->i_uid, inode->i_gid); return -EACCES; } #endif @@ -32,8 +31,7 @@ gr_handle_hardlink(const struct dentry * ((mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) || (permission(inode, MAY_READ | MAY_WRITE))) && !capable(CAP_FOWNER) && current->uid) { - security_alert(GR_HARDLINK_MSG, gr_to_filename(dentry, mnt), - inode->i_uid, inode->i_gid, to, DEFAULTSECARGS); + gr_log_fs_int2_str(GR_DONT_AUDIT, GR_HARDLINK_MSG, dentry, mnt, inode->i_uid, inode->i_gid, to); return -EPERM; } #endif Index: grsecurity/grsec_log.c =================================================================== RCS file: grsecurity/grsec_log.c diff -N grsecurity/grsec_log.c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ grsecurity/grsec_log.c 8 Oct 2004 04:46:18 -0000 1.1 
@@ -0,0 +1,262 @@ +#include +#include +#include +#include +#include + +#define BEGIN_LOCKS(x) \ + read_lock(&tasklist_lock); \ + read_lock(&grsec_exec_file_lock); \ + if (x != GR_DO_AUDIT) \ + spin_lock(&grsec_alert_lock); \ + else \ + spin_lock(&grsec_audit_lock) + +#define END_LOCKS(x) \ + if (x != GR_DO_AUDIT) \ + spin_unlock(&grsec_alert_lock); \ + else \ + spin_unlock(&grsec_audit_lock); \ + read_unlock(&grsec_exec_file_lock); \ + read_unlock(&tasklist_lock); \ + if (x == GR_DONT_AUDIT) \ + gr_handle_alertkill() + +enum { + FLOODING, + NO_FLOODING +}; + +extern char *gr_alert_log_fmt; +extern char *gr_audit_log_fmt; +extern char *gr_alert_log_buf; +extern char *gr_audit_log_buf; + +static int gr_log_start(int audit) +{ + char *loglevel = (audit == GR_DO_AUDIT) ? KERN_INFO : KERN_ALERT; + char *fmt = (audit == GR_DO_AUDIT) ? gr_audit_log_fmt : gr_alert_log_fmt; + char *buf = (audit == GR_DO_AUDIT) ? gr_audit_log_buf : gr_alert_log_buf; + + if (audit == GR_DO_AUDIT) + goto set_fmt; + + if (!grsec_alert_wtime || jiffies - grsec_alert_wtime > CONFIG_GRKERNSEC_FLOODTIME * HZ) { + grsec_alert_wtime = jiffies; + grsec_alert_fyet = 0; + } else if ((jiffies - grsec_alert_wtime < CONFIG_GRKERNSEC_FLOODTIME * HZ) && (grsec_alert_fyet < CONFIG_GRKERNSEC_FLOODBURST)) { + grsec_alert_fyet++; + } else if (grsec_alert_fyet == CONFIG_GRKERNSEC_FLOODBURST) { + grsec_alert_wtime = jiffies; + grsec_alert_fyet++; + printk(KERN_ALERT "grsec: more alerts, logging disabled for %d seconds\n", CONFIG_GRKERNSEC_FLOODTIME); + return FLOODING; + } + +set_fmt: + memset(buf, 0, PAGE_SIZE); + if (current->curr_ip && gr_acl_is_enabled()) { + sprintf(fmt, "%s%s", loglevel, "grsec: From %u.%u.%u.%u: (%.64s:%c:%.950s) "); + snprintf(buf, PAGE_SIZE - 1, fmt, NIPQUAD(current->curr_ip), current->role->rolename, gr_roletype_to_char(), current->acl->filename); + } else if (current->curr_ip) { + sprintf(fmt, "%s%s", loglevel, "grsec: From %u.%u.%u.%u: "); + snprintf(buf, PAGE_SIZE - 1, fmt, 
NIPQUAD(current->curr_ip)); + } else if (gr_acl_is_enabled()) { + sprintf(fmt, "%s%s", loglevel, "grsec: (%.64s:%c:%.950s) "); + snprintf(buf, PAGE_SIZE - 1, fmt, current->role->rolename, gr_roletype_to_char(), current->acl->filename); + } else { + sprintf(fmt, "%s%s", loglevel, "grsec: "); + strcpy(buf, fmt); + } + + return NO_FLOODING; +} + +static void gr_log_middle(int audit, const char *msg, va_list ap) +{ + char *buf = (audit == GR_DO_AUDIT) ? gr_audit_log_buf : gr_alert_log_buf; + unsigned int len = strlen(buf); + + vsnprintf(buf + len, PAGE_SIZE - len - 1, msg, ap); + + return; +} + +static void gr_log_middle_varargs(int audit, const char *msg, ...) +{ + char *buf = (audit == GR_DO_AUDIT) ? gr_audit_log_buf : gr_alert_log_buf; + unsigned int len = strlen(buf); + va_list ap; + + va_start(ap, msg); + vsnprintf(buf + len, PAGE_SIZE - len - 1, msg, ap); + va_end(ap); + + return; +} + +static void gr_log_end(int audit) +{ + char *buf = (audit == GR_DO_AUDIT) ? gr_audit_log_buf : gr_alert_log_buf; + unsigned int len = strlen(buf); + + snprintf(buf + len, PAGE_SIZE - len - 1, DEFAULTSECMSG, DEFAULTSECARGS); + printk("%s", buf); + + return; +} + +void gr_log_varargs(int audit, const char *msg, int argtypes, ...) +{ + int logtype; + char *result = (audit == GR_DO_AUDIT) ? 
"successful" : "denied"; + char *str1, *str2, *str3; + int num1, num2; + unsigned long ulong1, ulong2; + struct dentry *dentry; + struct vfsmount *mnt; + struct file *file; + struct task_struct *task; + va_list ap; + + BEGIN_LOCKS(audit); + logtype = gr_log_start(audit); + if (logtype == FLOODING) { + END_LOCKS(audit); + return; + } + va_start(ap, argtypes); + switch (argtypes) { + case GR_RBAC: + dentry = va_arg(ap, struct dentry *); + mnt = va_arg(ap, struct vfsmount *); + gr_log_middle_varargs(audit, msg, result, gr_to_filename(dentry, mnt)); + break; + case GR_RBAC_STR: + dentry = va_arg(ap, struct dentry *); + mnt = va_arg(ap, struct vfsmount *); + str1 = va_arg(ap, char *); + gr_log_middle_varargs(audit, msg, result, gr_to_filename(dentry, mnt), str1); + break; + case GR_STR_RBAC: + str1 = va_arg(ap, char *); + dentry = va_arg(ap, struct dentry *); + mnt = va_arg(ap, struct vfsmount *); + gr_log_middle_varargs(audit, msg, result, str1, gr_to_filename(dentry, mnt)); + break; + case GR_RBAC_MODE2: + dentry = va_arg(ap, struct dentry *); + mnt = va_arg(ap, struct vfsmount *); + str1 = va_arg(ap, char *); + str2 = va_arg(ap, char *); + gr_log_middle_varargs(audit, msg, result, gr_to_filename(dentry, mnt), str1, str2); + break; + case GR_RBAC_MODE3: + dentry = va_arg(ap, struct dentry *); + mnt = va_arg(ap, struct vfsmount *); + str1 = va_arg(ap, char *); + str2 = va_arg(ap, char *); + str3 = va_arg(ap, char *); + gr_log_middle_varargs(audit, msg, result, gr_to_filename(dentry, mnt), str1, str2, str3); + break; + case GR_FILENAME: + dentry = va_arg(ap, struct dentry *); + mnt = va_arg(ap, struct vfsmount *); + gr_log_middle_varargs(audit, msg, gr_to_filename(dentry, mnt)); + break; + case GR_STR_FILENAME: + str1 = va_arg(ap, char *); + dentry = va_arg(ap, struct dentry *); + mnt = va_arg(ap, struct vfsmount *); + gr_log_middle_varargs(audit, msg, str1, gr_to_filename(dentry, mnt)); + break; + case GR_FILENAME_STR: + dentry = va_arg(ap, struct dentry *); + mnt = 
va_arg(ap, struct vfsmount *); + str1 = va_arg(ap, char *); + gr_log_middle_varargs(audit, msg, gr_to_filename(dentry, mnt), str1); + break; + case GR_FILENAME_TWO_INT: + dentry = va_arg(ap, struct dentry *); + mnt = va_arg(ap, struct vfsmount *); + num1 = va_arg(ap, int); + num2 = va_arg(ap, int); + gr_log_middle_varargs(audit, msg, gr_to_filename(dentry, mnt), num1, num2); + break; + case GR_FILENAME_TWO_INT_STR: + dentry = va_arg(ap, struct dentry *); + mnt = va_arg(ap, struct vfsmount *); + num1 = va_arg(ap, int); + num2 = va_arg(ap, int); + str1 = va_arg(ap, char *); + gr_log_middle_varargs(audit, msg, gr_to_filename(dentry, mnt), num1, num2, str1); + break; + case GR_TEXTREL: + file = va_arg(ap, struct file *); + ulong1 = va_arg(ap, unsigned long); + ulong2 = va_arg(ap, unsigned long); + gr_log_middle_varargs(audit, msg, file ? gr_to_filename(file->f_dentry, file->f_vfsmnt) : "", ulong1, ulong2); + break; + case GR_PTRACE: + task = va_arg(ap, struct task_struct *); + gr_log_middle_varargs(audit, msg, task->exec_file ? 
gr_to_filename(task->exec_file->f_dentry, task->exec_file->f_vfsmnt) : "(none)", task->comm, task->pid); + break; + case GR_RESOURCE: + task = va_arg(ap, struct task_struct *); + ulong1 = va_arg(ap, unsigned long); + str1 = va_arg(ap, char *); + ulong2 = va_arg(ap, unsigned long); + gr_log_middle_varargs(audit, msg, ulong1, str1, ulong2, gr_task_fullpath(task), task->comm, task->pid, task->uid, task->euid, task->gid, task->egid, gr_parent_task_fullpath(task), task->p_pptr->comm, task->p_pptr->pid, task->p_pptr->uid, task->p_pptr->euid, task->p_pptr->gid, task->p_pptr->egid); + break; + case GR_CAP: + task = va_arg(ap, struct task_struct *); + str1 = va_arg(ap, char *); + gr_log_middle_varargs(audit, msg, str1, gr_task_fullpath(task), task->comm, task->pid, task->uid, task->euid, task->gid, task->egid, gr_parent_task_fullpath(task), task->p_pptr->comm, task->p_pptr->pid, task->p_pptr->uid, task->p_pptr->euid, task->p_pptr->gid, task->p_pptr->egid); + break; + case GR_SIG: + task = va_arg(ap, struct task_struct *); + num1 = va_arg(ap, int); + gr_log_middle_varargs(audit, msg, num1, gr_task_fullpath0(task), task->comm, task->pid, task->uid, task->euid, task->gid, task->egid, gr_parent_task_fullpath0(task), task->p_pptr->comm, task->p_pptr->pid, task->p_pptr->uid, task->p_pptr->euid, task->p_pptr->gid, task->p_pptr->egid); + break; + case GR_CRASH1: + task = va_arg(ap, struct task_struct *); + ulong1 = va_arg(ap, unsigned long); + gr_log_middle_varargs(audit, msg, gr_task_fullpath(task), task->comm, task->pid, task->uid, task->euid, task->gid, task->egid, gr_parent_task_fullpath(task), task->p_pptr->comm, task->p_pptr->pid, task->p_pptr->uid, task->p_pptr->euid, task->p_pptr->gid, task->p_pptr->egid, task->uid, ulong1); + break; + case GR_CRASH2: + task = va_arg(ap, struct task_struct *); + str1 = va_arg(ap, char *); + ulong1 = va_arg(ap, unsigned long); + ulong2 = va_arg(ap, unsigned long); + gr_log_middle_varargs(audit, msg, gr_task_fullpath(task), task->comm, 
task->pid, task->uid, task->euid, task->gid, task->egid, gr_parent_task_fullpath(task), task->p_pptr->comm, task->p_pptr->pid, task->p_pptr->uid, task->p_pptr->euid, task->p_pptr->gid, task->p_pptr->egid, task->uid, str1, ulong1, ulong2); + break; + case GR_PSACCT: + { + unsigned int wday, cday; + __u8 whr, chr; + __u8 wmin, cmin; + __u8 wsec, csec; + char cur_tty[64] = { 0 }; + char parent_tty[64] = { 0 }; + + task = va_arg(ap, struct task_struct *); + wday = va_arg(ap, unsigned int); + cday = va_arg(ap, unsigned int); + whr = va_arg(ap, int); + chr = va_arg(ap, int); + wmin = va_arg(ap, int); + cmin = va_arg(ap, int); + wsec = va_arg(ap, int); + csec = va_arg(ap, int); + ulong1 = va_arg(ap, unsigned long); + + gr_log_middle_varargs(audit, msg, gr_task_fullpath(task), task->comm, task->pid, NIPQUAD(task->curr_ip), tty_name(task->tty, cur_tty), task->uid, task->euid, task->gid, task->egid, wday, whr, wmin, wsec, cday, chr, cmin, csec, (task->flags & PF_SIGNALED) ? "killed by signal" : "exited", ulong1, gr_parent_task_fullpath(task), task->p_pptr->comm, task->p_pptr->pid, NIPQUAD(task->p_pptr->curr_ip), tty_name(task->p_pptr->tty, parent_tty), task->p_pptr->uid, task->p_pptr->euid, task->p_pptr->gid, task->p_pptr->egid); + } + break; + default: + gr_log_middle(audit, msg, ap); + } + va_end(ap); + gr_log_end(audit); + END_LOCKS(audit); +} Index: grsecurity/grsec_mem.c =================================================================== RCS file: /home/cvs/grsecurity2/grsecurity/grsec_mem.c,v retrieving revision 1.1 retrieving revision 1.2 diff -u -b -B -w -p -u -r1.1 -r1.2 --- grsecurity/grsec_mem.c 8 Aug 2004 12:02:41 -0000 1.1 +++ grsecurity/grsec_mem.c 8 Oct 2004 04:46:18 -0000 1.2 
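Review bot: The flood limiter in `gr_log_start` suppresses almost nothing after it prints "more alerts, logging disabled": once `grsec_alert_fyet` has been incremented past `CONFIG_GRKERNSEC_FLOODBURST`, a further alert inside the window matches none of the three branches (the second requires `fyet < FLOODBURST`, the third `fyet == FLOODBURST`) and control falls through to `set_fmt`, so the alert is formatted and printed anyway. Only the single alert that crosses the threshold is actually dropped, which defeats the purpose of the burst limit on a flooding attacker. Adding `else return FLOODING;` after the third branch restores the suppression; note that the exact-boundary case `jiffies - grsec_alert_wtime == CONFIG_GRKERNSEC_FLOODTIME * HZ` takes the same fall-through path today and would then be suppressed rather than logged, which is probably the intent but worth confirming. Separately, the `fmt` buffers are filled with unbounded `sprintf`; the prefix strings are constants so it cannot overflow as written, but a bounded `snprintf` against the allocated size would document that assumption.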
@@ -6,35 +6,35 @@ void gr_handle_ioperm(void) { - security_alert(GR_IOPERM_MSG, DEFAULTSECARGS); + gr_log_noargs(GR_DONT_AUDIT, GR_IOPERM_MSG); return; } void gr_handle_iopl(void) { - security_alert(GR_IOPL_MSG, DEFAULTSECARGS); + gr_log_noargs(GR_DONT_AUDIT, GR_IOPL_MSG); return; } void gr_handle_mem_write(void) { - security_alert(GR_MEM_WRITE_MSG, DEFAULTSECARGS); + gr_log_noargs(GR_DONT_AUDIT, GR_MEM_WRITE_MSG); return; } void gr_handle_kmem_write(void) { - security_alert(GR_KMEM_MSG, DEFAULTSECARGS); + gr_log_noargs(GR_DONT_AUDIT, GR_KMEM_MSG); return; } void gr_handle_open_port(void) { - security_alert(GR_PORT_OPEN_MSG, DEFAULTSECARGS); + gr_log_noargs(GR_DONT_AUDIT, GR_PORT_OPEN_MSG); return; } @@ -42,7 +42,7 @@ int gr_handle_mem_mmap(const unsigned long offset, struct vm_area_struct *vma) { if (offset + vma->vm_end - vma->vm_start <= offset) { - security_alert(GR_MEM_MMAP_MSG, DEFAULTSECARGS); + gr_log_noargs(GR_DONT_AUDIT, GR_MEM_MMAP_MSG); return -EPERM; } @@ -52,7 +52,7 @@ gr_handle_mem_mmap(const unsigned long o && !(offset == 0xa0000 && ((vma->vm_end - vma->vm_start) <= 0x20000)) #endif ) { - security_alert(GR_MEM_MMAP_MSG, DEFAULTSECARGS); + gr_log_noargs(GR_DONT_AUDIT, GR_MEM_MMAP_MSG); return -EPERM; } else if (offset < __pa(high_memory)) vma->vm_flags &= ~VM_MAYWRITE; Index: grsecurity/grsec_mount.c =================================================================== RCS file: /home/cvs/grsecurity2/grsecurity/grsec_mount.c,v retrieving revision 1.1 retrieving revision 1.2 diff -u -b -B -w -p -u -r1.1 -r1.2 --- grsecurity/grsec_mount.c 8 Aug 2004 12:02:41 -0000 1.1 +++ grsecurity/grsec_mount.c 8 Oct 2004 04:46:18 -0000 1.2 @@ -8,7 +8,7 @@ gr_log_remount(const char *devname, cons { #ifdef CONFIG_GRKERNSEC_AUDIT_MOUNT if (grsec_enable_mount && (retval >= 0)) - security_audit(GR_REMOUNT_AUDIT_MSG, devname ? devname : "none", DEFAULTSECARGS); + gr_log_str(GR_DO_AUDIT, GR_REMOUNT_AUDIT_MSG, devname ? devname : "none"); #endif return; } 
@@ -18,7 +18,7 @@ gr_log_unmount(const char *devname, cons { #ifdef CONFIG_GRKERNSEC_AUDIT_MOUNT if (grsec_enable_mount && (retval >= 0)) - security_audit(GR_UNMOUNT_AUDIT_MSG, devname ? devname : "none", DEFAULTSECARGS); + gr_log_str(GR_DO_AUDIT, GR_UNMOUNT_AUDIT_MSG, devname ? devname : "none"); #endif return; } @@ -28,7 +28,7 @@ gr_log_mount(const char *from, const cha { #ifdef CONFIG_GRKERNSEC_AUDIT_MOUNT if (grsec_enable_mount && (retval >= 0)) - security_audit(GR_MOUNT_AUDIT_MSG, from, to, DEFAULTSECARGS); + gr_log_str_str(GR_DO_AUDIT, GR_UNMOUNT_AUDIT_MSG, from, to); #endif return; } Index: grsecurity/grsec_sig.c =================================================================== RCS file: /home/cvs/grsecurity2/grsecurity/grsec_sig.c,v retrieving revision 1.1 retrieving revision 1.2 diff -u -b -B -w -p -u -r1.1 -r1.2 --- grsecurity/grsec_sig.c 8 Aug 2004 12:02:41 -0000 1.1 +++ grsecurity/grsec_sig.c 8 Oct 2004 04:46:18 -0000 1.2 @@ -9,17 +9,9 @@ gr_log_signal(const int sig, const struc if (grsec_enable_signal && ((sig == SIGSEGV) || (sig == SIGILL) || (sig == SIGABRT) || (sig == SIGBUS))) { if (t->pid == current->pid) { - security_alert_good(GR_UNISIGLOG_MSG, sig, - DEFAULTSECARGS); + gr_log_int(GR_DONT_AUDIT_GOOD, GR_UNISIGLOG_MSG, sig); } else { - security_alert_good(GR_DUALSIGLOG_MSG, sig, - gr_task_fullpath0(t), t->comm, - t->pid, t->uid, t->euid, t->gid, - t->egid, gr_parent_task_fullpath0(t), - t->p_pptr->comm, - t->p_pptr->pid, t->p_pptr->uid, - t->p_pptr->euid, t->p_pptr->gid, - t->p_pptr->egid, DEFAULTSECARGS); + gr_log_sig(GR_DONT_AUDIT_GOOD, GR_DUALSIGLOG_MSG, t, sig); } } #endif 
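Review bot: `gr_log_mount` now logs with `GR_UNMOUNT_AUDIT_MSG`, but the `security_audit` line it replaces used `GR_MOUNT_AUDIT_MSG`, so every successful mount will be reported in the audit log as an unmount. The arguments `from, to` are carried over unchanged, so only the message constant is wrong; the call should read `gr_log_str_str(GR_DO_AUDIT, GR_MOUNT_AUDIT_MSG, from, to);`. Since the two adjacent hunks for `gr_log_remount` and `gr_log_unmount` keep their own constants, this looks like a copy-paste slip rather than an intended merge of the two messages.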
@@ -31,13 +23,7 @@ gr_handle_signal(const struct task_struc { #ifdef CONFIG_GRKERNSEC if (current->pid > 1 && sig != SIGCHLD && gr_check_protected_task(p)) { - security_alert(GR_SIG_ACL_MSG, sig, gr_task_fullpath0(p), - p->comm, p->pid, p->uid, - p->euid, p->gid, p->egid, - gr_parent_task_fullpath0(p), p->p_pptr->comm, - p->p_pptr->pid, p->p_pptr->uid, - p->p_pptr->euid, p->p_pptr->gid, - p->p_pptr->egid, DEFAULTSECARGS); + gr_log_sig(GR_DONT_AUDIT_GOOD, GR_SIG_ACL_MSG, p, sig); return -EPERM; } else if (gr_pid_is_chrooted((struct task_struct *)p)) { return -EPERM; Index: grsecurity/grsec_sock.c =================================================================== RCS file: /home/cvs/grsecurity2/grsecurity/grsec_sock.c,v retrieving revision 1.3 retrieving revision 1.4 diff -u -b -B -w -p -u -r1.3 -r1.4 --- grsecurity/grsec_sock.c 2 Sep 2004 19:03:21 -0000 1.3 +++ grsecurity/grsec_sock.c 8 Oct 2004 04:46:18 -0000 1.4 @@ -148,8 +148,7 @@ gr_handle_sock_all(const int family, con #ifdef CONFIG_GRKERNSEC_SOCKET_ALL if (grsec_enable_socket_all && in_group_p(grsec_socket_all_gid) && (family != AF_UNIX) && (family != AF_LOCAL) && (type < SOCK_MAX)) { - security_alert(GR_SOCK2_MSG, family, gr_socktype_to_name(type), gr_proto_to_name(protocol), - DEFAULTSECARGS); + gr_log_int_str2(GR_DONT_AUDIT, GR_SOCK2_MSG, family, gr_socktype_to_name(type), gr_proto_to_name(protocol)); return -EACCES; } #endif @@ -164,7 +163,7 @@ gr_handle_sock_server(const struct socka in_group_p(grsec_socket_server_gid) && sck && (sck->sa_family != AF_UNIX) && (sck->sa_family != AF_LOCAL)) { - security_alert(GR_BIND_MSG, DEFAULTSECARGS); + gr_log_noargs(GR_DONT_AUDIT, GR_BIND_MSG); return -EACCES; } #endif 
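Review bot: `gr_handle_signal` replaces `security_alert` with a `GR_DONT_AUDIT_GOOD` log, whereas every other `security_alert` in this patch becomes `GR_DONT_AUDIT` and only the former `security_alert_good` calls (such as the ones in `gr_log_signal` just above) become `GR_DONT_AUDIT_GOOD`. In the new grsec_log.c, `END_LOCKS` invokes `gr_handle_alertkill()` only when the type is `GR_DONT_AUDIT`, so this denial of a signal to a protected task would no longer trigger the alert-kill response it had before. If that downgrade is deliberate it deserves a comment at the call; otherwise the line should be `gr_log_sig(GR_DONT_AUDIT, GR_SIG_ACL_MSG, p, sig);`. gr_handle_signal's remaining body is outside the hunk.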
@@ -178,7 +177,7 @@ gr_handle_sock_client(const struct socka if (grsec_enable_socket_client && in_group_p(grsec_socket_client_gid) && sck && (sck->sa_family != AF_UNIX) && (sck->sa_family != AF_LOCAL)) { - security_alert(GR_CONNECT_MSG, DEFAULTSECARGS); + gr_log_noargs(GR_DONT_AUDIT, GR_CONNECT_MSG); return -EACCES; } #endif Index: grsecurity/grsec_sysctl.c =================================================================== RCS file: /home/cvs/grsecurity2/grsecurity/grsec_sysctl.c,v retrieving revision 1.1 retrieving revision 1.2 diff -u -b -B -w -p -u -r1.1 -r1.2 --- grsecurity/grsec_sysctl.c 8 Aug 2004 12:02:41 -0000 1.1 +++ grsecurity/grsec_sysctl.c 8 Oct 2004 04:46:18 -0000 1.2 @@ -8,7 +8,7 @@ gr_handle_sysctl_mod(const char *dirname { #ifdef CONFIG_GRKERNSEC_SYSCTL if (!strcmp(dirname, "grsecurity") && grsec_lock && (op & 002)) { - security_alert(GR_SYSCTL_MSG, name, DEFAULTSECARGS); + gr_log_str(GR_DONT_AUDIT, GR_SYSCTL_MSG, name); return -EACCES; } #endif Index: grsecurity/grsec_textrel.c =================================================================== RCS file: /home/cvs/grsecurity2/grsecurity/grsec_textrel.c,v retrieving revision 1.1 retrieving revision 1.2 diff -u -b -B -w -p -u -r1.1 -r1.2 --- grsecurity/grsec_textrel.c 8 Aug 2004 12:02:41 -0000 1.1 +++ grsecurity/grsec_textrel.c 8 Oct 2004 04:46:18 -0000 1.2 
@@ -10,10 +10,7 @@ gr_log_textrel(struct vm_area_struct * v { #ifdef CONFIG_GRKERNSEC_AUDIT_TEXTREL if (grsec_enable_audit_textrel) - security_audit(GR_TEXTREL_AUDIT_MSG, vma->vm_file ? - gr_to_filename(vma->vm_file->f_dentry, vma->vm_file->f_vfsmnt) - : "", vma->vm_start, - vma->vm_pgoff, DEFAULTSECARGS); + gr_log_textrel_ulong_ulong(GR_DO_AUDIT, GR_TEXTREL_AUDIT_MSG, vma->vm_file, vma->vm_start, vma->vm_pgoff); #endif return; } Index: grsecurity/grsec_time.c =================================================================== RCS file: /home/cvs/grsecurity2/grsecurity/grsec_time.c,v retrieving revision 1.1 retrieving revision 1.2 diff -u -b -B -w -p -u -r1.1 -r1.2 --- grsecurity/grsec_time.c 8 Aug 2004 12:02:41 -0000 1.1 +++ grsecurity/grsec_time.c 8 Oct 2004 04:46:18 -0000 1.2 @@ -7,7 +7,7 @@ gr_log_timechange(void) { #ifdef CONFIG_GRKERNSEC_TIME if (grsec_enable_time) - security_alert_good(GR_TIME_MSG, DEFAULTSECARGS); + gr_log_noargs(GR_DONT_AUDIT_GOOD, GR_TIME_MSG); #endif return; } Index: grsecurity/grsec_tpe.c =================================================================== RCS file: /home/cvs/grsecurity2/grsecurity/grsec_tpe.c,v retrieving revision 1.1 retrieving revision 1.2 diff -u -b -B -w -p -u -r1.1 -r1.2 --- grsecurity/grsec_tpe.c 8 Aug 2004 12:02:41 -0000 1.1 +++ grsecurity/grsec_tpe.c 8 Oct 2004 04:46:18 -0000 1.2 
@@ -15,18 +15,14 @@ gr_tpe_allow(const struct file *file) if (current->uid && ((grsec_enable_tpe && in_group_p(grsec_tpe_gid)) || gr_acl_tpe_check()) && (inode->i_uid || (!inode->i_uid && ((inode->i_mode & S_IWGRP) || (inode->i_mode & S_IWOTH))))) { - security_alert(GR_EXEC_TPE_MSG, - gr_to_filename(file->f_dentry, file->f_vfsmnt), - DEFAULTSECARGS); + gr_log_fs_generic(GR_DONT_AUDIT, GR_EXEC_TPE_MSG, file->f_dentry, file->f_vfsmnt); return 0; } #ifdef CONFIG_GRKERNSEC_TPE_ALL if (current->uid && grsec_enable_tpe && grsec_enable_tpe_all && ((inode->i_uid && (inode->i_uid != current->uid)) || (inode->i_mode & S_IWGRP) || (inode->i_mode & S_IWOTH))) { - security_alert(GR_EXEC_TPE_MSG, - gr_to_filename(file->f_dentry, file->f_vfsmnt), - DEFAULTSECARGS); + gr_log_fs_generic(GR_DONT_AUDIT, GR_EXEC_TPE_MSG, file->f_dentry, file->f_vfsmnt); return 0; } #endif Index: include/linux/grinternal.h =================================================================== RCS file: /home/cvs/grsecurity2/include/linux/grinternal.h,v retrieving revision 1.2 retrieving revision 1.3 diff -u -b -B -w -p -u -r1.2 -r1.3 --- include/linux/grinternal.h 5 Oct 2004 21:56:04 -0000 1.2 +++ include/linux/grinternal.h 8 Oct 2004 04:46:20 -0000 1.3 
@@ -129,71 +129,82 @@ extern rwlock_t grsec_exec_file_lock;
 CAP_TO_MASK(CAP_NET_RAW) | CAP_TO_MASK(CAP_SYS_TTY_CONFIG) | \
 CAP_TO_MASK(CAP_IPC_OWNER))
-#define security_alert_good(normal_msg,args...) \
+#define security_learn(normal_msg,args...) \
 ({ \
- read_lock(&tasklist_lock); \
 read_lock(&grsec_exec_file_lock); \
- spin_lock(&grsec_alert_lock); \
- \
- if (!grsec_alert_wtime || jiffies - grsec_alert_wtime > CONFIG_GRKERNSEC_FLOODTIME * HZ) { \
- grsec_alert_wtime = jiffies; grsec_alert_fyet = 0; \
- if (current->curr_ip && gr_acl_is_enabled()) \
- printk(KERN_ALERT "grsec: From %u.%u.%u.%u: (%.64s:%c:%.950s) " normal_msg "\n", NIPQUAD(current->curr_ip), current->role->rolename, gr_roletype_to_char(), current->acl->filename , ## args); \
- else if (current->curr_ip) \
- printk(KERN_ALERT "grsec: From %u.%u.%u.%u: " normal_msg "\n", NIPQUAD(current->curr_ip) , ## args); \
- else if (gr_acl_is_enabled()) \
- printk(KERN_ALERT "grsec: (%.64s:%c:%.950s) " normal_msg "\n", current->role->rolename, gr_roletype_to_char(), current->acl->filename , ## args); \
- else \
- printk(KERN_ALERT "grsec: " normal_msg "\n" , ## args); \
- } else if((jiffies - grsec_alert_wtime < CONFIG_GRKERNSEC_FLOODTIME * HZ) && (grsec_alert_fyet < CONFIG_GRKERNSEC_FLOODBURST)) { \
- grsec_alert_fyet++; \
- if (current->curr_ip && gr_acl_is_enabled()) \
- printk(KERN_ALERT "grsec: From %u.%u.%u.%u: (%.64s:%c:%.950s) " normal_msg "\n", NIPQUAD(current->curr_ip), current->role->rolename, gr_roletype_to_char(), current->acl->filename , ## args); \
- else if (current->curr_ip) \
- printk(KERN_ALERT "grsec: From %u.%u.%u.%u: " normal_msg "\n", NIPQUAD(current->curr_ip) , ## args); \
- else if (gr_acl_is_enabled()) \
- printk(KERN_ALERT "grsec: (%.64s:%c:%.950s) " normal_msg "\n", current->role->rolename, gr_roletype_to_char(), current->acl->filename , ## args); \
- else \
- printk(KERN_ALERT "grsec: " normal_msg "\n" , ## args); \
- } else if (grsec_alert_fyet == CONFIG_GRKERNSEC_FLOODBURST) { \
- grsec_alert_wtime = jiffies; grsec_alert_fyet++; \
- printk(KERN_ALERT "grsec: more alerts, logging disabled for " \
- "%d seconds\n", CONFIG_GRKERNSEC_FLOODTIME); \
- } \
- \
- spin_unlock(&grsec_alert_lock); \
+ gr_add_learn_entry(normal_msg "\n", ## args); \
 read_unlock(&grsec_exec_file_lock); \
- read_unlock(&tasklist_lock); \
 })
-#define security_alert(normal_msg,args...) \
-({ \
- security_alert_good(normal_msg,args); \
- gr_handle_alertkill(); \
-})
+enum {
+ GR_DO_AUDIT,
+ GR_DONT_AUDIT,
+ GR_DONT_AUDIT_GOOD
+};
-#define security_audit(normal_msg,args...) \
-({ \
- read_lock(&tasklist_lock); \
- read_lock(&grsec_exec_file_lock); \
- spin_lock(&grsec_audit_lock); \
- if (current->curr_ip && gr_acl_is_enabled()) \
- printk(KERN_INFO "grsec: From %u.%u.%u.%u: (%.64s:%.950s) " normal_msg "\n", NIPQUAD(current->curr_ip), current->role->rolename, current->acl->filename , ## args); \
- else if (current->curr_ip) \
- printk(KERN_INFO "grsec: From %u.%u.%u.%u: " normal_msg "\n", NIPQUAD(current->curr_ip) , ## args); \
- else if (gr_acl_is_enabled()) \
- printk(KERN_INFO "grsec: (%.64s:%.950s) " normal_msg "\n", current->role->rolename, current->acl->filename , ## args); \
- else \
- printk(KERN_INFO "grsec: " normal_msg "\n" , ## args); \
- spin_unlock(&grsec_audit_lock); \
- read_unlock(&grsec_exec_file_lock); \
- read_unlock(&tasklist_lock); \
-})
+enum {
+ GR_RBAC,
+ GR_RBAC_STR,
+ GR_STR_RBAC,
+ GR_RBAC_MODE2,
+ GR_RBAC_MODE3,
+ GR_FILENAME,
+ GR_NOARGS,
+ GR_ONE_INT,
+ GR_ONE_INT_TWO_STR,
+ GR_ONE_STR,
+ GR_STR_INT,
+ GR_TWO_INT,
+ GR_THREE_INT,
+ GR_FIVE_INT_TWO_STR,
+ GR_TWO_STR,
+ GR_THREE_STR,
+ GR_FOUR_STR,
+ GR_STR_FILENAME,
+ GR_FILENAME_STR,
+ GR_FILENAME_TWO_INT,
+ GR_FILENAME_TWO_INT_STR,
+ GR_TEXTREL,
+ GR_PTRACE,
+ GR_RESOURCE,
+ GR_CAP,
+ GR_SIG,
+ GR_CRASH1,
+ GR_CRASH2,
+ GR_PSACCT
+};
-#define security_learn(normal_msg,args...) \
-({ \
- gr_add_learn_entry(normal_msg "\n", ## args); \
-})
+#define gr_log_fs_rbac_generic(audit, msg, dentry, mnt) gr_log_varargs(audit, msg, GR_RBAC, dentry, mnt)
+#define gr_log_fs_rbac_str(audit, msg, dentry, mnt, str) gr_log_varargs(audit, msg, GR_RBAC_STR, dentry, mnt, str)
+#define gr_log_fs_str_rbac(audit, msg, str, dentry, mnt) gr_log_varargs(audit, msg, GR_STR_RBAC, str, dentry, mnt)
+#define gr_log_fs_rbac_mode2(audit, msg, dentry, mnt, str1, str2) gr_log_varargs(audit, msg, GR_RBAC_MODE2, dentry, mnt, str1, str2)
+#define gr_log_fs_rbac_mode3(audit, msg, dentry, mnt, str1, str2, str3) gr_log_varargs(audit, msg, GR_RBAC_MODE3, dentry, mnt, str1, str2, str3)
+#define gr_log_fs_generic(audit, msg, dentry, mnt) gr_log_varargs(audit, msg, GR_FILENAME, dentry, mnt)
+#define gr_log_noargs(audit, msg) gr_log_varargs(audit, msg, GR_NOARGS)
+#define gr_log_int(audit, msg, num) gr_log_varargs(audit, msg, GR_ONE_INT, num)
+#define gr_log_int_str2(audit, msg, num, str1, str2) gr_log_varargs(audit, msg, GR_ONE_INT_TWO_STR, num, str1, str2)
+#define gr_log_str(audit, msg, str) gr_log_varargs(audit, msg, GR_ONE_STR, str)
+#define gr_log_str_int(audit, msg, str, num) gr_log_varargs(audit, msg, GR_STR_INT, str, num)
+#define gr_log_int_int(audit, msg, num1, num2) gr_log_varargs(audit, msg, GR_TWO_INT, num1, num2)
+#define gr_log_int3(audit, msg, num1, num2, num3) gr_log_varargs(audit, msg, GR_THREE_INT, num1, num2, num3)
+#define gr_log_int5_str2(audit, msg, num1, num2, str1, str2) gr_log_varargs(audit, msg, GR_FIVE_INT_TWO_STR, num1, num2, str1, str2)
+#define gr_log_str_str(audit, msg, str1, str2) gr_log_varargs(audit, msg, GR_TWO_STR, str1, str2)
+#define gr_log_str3(audit, msg, str1, str2, str3) gr_log_varargs(audit, msg, GR_THREE_STR, str1, str2, str3)
+#define gr_log_str4(audit, msg, str1, str2, str3, str4) gr_log_varargs(audit, msg, GR_FOUR_STR, str1, str2, str3, str4)
+#define gr_log_str_fs(audit, msg, str, dentry, mnt) gr_log_varargs(audit, msg, GR_STR_FILENAME, str, dentry, mnt)
+#define gr_log_fs_str(audit, msg, dentry, mnt, str) gr_log_varargs(audit, msg, GR_FILENAME_STR, dentry, mnt, str)
+#define gr_log_fs_int2(audit, msg, dentry, mnt, num1, num2) gr_log_varargs(audit, msg, GR_FILENAME_TWO_INT, dentry, mnt, num1, num2)
+#define gr_log_fs_int2_str(audit, msg, dentry, mnt, num1, num2, str) gr_log_varargs(audit, msg, GR_FILENAME_TWO_INT_STR, dentry, mnt, num1, num2, str)
+#define gr_log_textrel_ulong_ulong(audit, msg, file, ulong1, ulong2) gr_log_varargs(audit, msg, GR_TEXTREL, file, ulong1, ulong2)
+#define gr_log_ptrace(audit, msg, task) gr_log_varargs(audit, msg, GR_PTRACE, task)
+#define gr_log_res_ulong2_str(audit, msg, task, ulong1, str, ulong2) gr_log_varargs(audit, msg, GR_RESOURCE, task, ulong1, str, ulong2)
+#define gr_log_cap(audit, msg, task, str) gr_log_varargs(audit, msg, GR_CAP, task, str)
+#define gr_log_sig(audit, msg, task, num) gr_log_varargs(audit, msg, GR_SIG, task, num)
+#define gr_log_crash1(audit, msg, task, ulong) gr_log_varargs(audit, msg, GR_CRASH1, task, ulong)
+#define gr_log_crash2(audit, msg, task, str, ulong1, ulong2) gr_log_varargs(audit, msg, GR_CRASH2, task, str, ulong1, ulong2)
+#define gr_log_procacct(audit, msg, task, num1, num2, num3, num4, num5, num6, num7, num8, num9) gr_log_varargs(audit, msg, GR_PSACCT, task, num1, num2, num3, num4, num5, num6, num7, num8, num9)
+
+extern void gr_log_varargs(int audit, const char *msg, int argtypes, ...);
 #endif
Index: include/linux/grmsg.h
===================================================================
RCS file: /home/cvs/grsecurity2/include/linux/grmsg.h,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -b -B -w -p -u -r1.1 -r1.2
--- include/linux/grmsg.h 8 Aug 2004 12:02:47 -0000 1.1
+++ include/linux/grmsg.h 8 Oct 2004 04:46:20 -0000 1.2
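Review bot: The two new enums carry no comment, yet the whole logging policy that the removed macros spelled out inline (KERN_ALERT vs KERN_INFO, the gr_handle_alertkill() that security_alert() added, the FLOODTIME/FLOODBURST rate limit, which locks are held) now hinges on these values and on gr_log_varargs(), whose definition is not in this diff. Also, `gr_log_int5_str2` is tagged GR_FIVE_INT_TWO_STR but forwards only two ints (`num1, num2`): if the consumer really pulls five ints off the va_list that is undefined behavior reading stack garbage, and if it instead expands num1 as an IPv4 address into four octets (as GR_BIND_ACL_MSG's `%u.%u.%u.%u port %u` suggests) the macro works but the name misleads. I would add above the first enum: `/* GR_DO_AUDIT: KERN_INFO audit record; GR_DONT_AUDIT: KERN_ALERT, presumably with alertkill and flood control as security_alert() had; GR_DONT_AUDIT_GOOD: KERN_ALERT without alertkill (was security_alert_good) -- confirm against grsec_log.c */` and, once confirmed, on the int5_str2 line `/* num1 is an IPv4 address, expanded to four octets in gr_log_varargs */`. Worth noting too that the varargs design gives up the printf-format checking the old printk-based macros got for free, so every argtype must be matched to its message's conversions by hand.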
@@ -1,108 +1,108 @@
 #define DEFAULTSECMSG "%.256s[%.16s:%d] uid/euid:%d/%d gid/egid:%d/%d, parent %.256s[%.16s:%d] uid/euid:%d/%d gid/egid:%d/%d"
 #define GR_ACL_PROCACCT_MSG "%.256s[%.16s:%d] IP:%u.%u.%u.%u TTY:%.64s uid/euid:%d/%d gid/egid:%d/%d run time:[%ud %uh %um %us] cpu time:[%ud %uh %um %us] %s with exit code %ld, parent %.256s[%.16s:%d] IP:%u.%u.%u.%u TTY:%.64s uid/euid:%d/%d gid/egid:%d/%d"
-#define GR_PTRACE_ACL_MSG "denied ptrace of %.950s(%.16s:%d) by " DEFAULTSECMSG
-#define GR_IOPERM_MSG "denied use of ioperm() by " DEFAULTSECMSG
-#define GR_IOPL_MSG "denied use of iopl() by " DEFAULTSECMSG
-#define GR_SHMAT_ACL_MSG "denied attach of shared memory of UID %u, PID %d, ID %u by " DEFAULTSECMSG
-#define GR_UNIX_CHROOT_MSG "denied connect to abstract AF_UNIX socket outside of chroot by " DEFAULTSECMSG
-#define GR_SHMAT_CHROOT_MSG "denied attach of shared memory outside of chroot by " DEFAULTSECMSG
-#define GR_KMEM_MSG "attempted write to /dev/kmem by " DEFAULTSECMSG
-#define GR_PORT_OPEN_MSG "attempted open of /dev/port by " DEFAULTSECMSG
-#define GR_MEM_WRITE_MSG "attempted write of /dev/mem by " DEFAULTSECMSG
-#define GR_MEM_MMAP_MSG "attempted mmap write of /dev/[k]mem by " DEFAULTSECMSG
-#define GR_SYMLINK_MSG "not following symlink %.950s owned by %d.%d by " DEFAULTSECMSG
+#define GR_PTRACE_ACL_MSG "denied ptrace of %.950s(%.16s:%d) by "
+#define GR_IOPERM_MSG "denied use of ioperm() by "
+#define GR_IOPL_MSG "denied use of iopl() by "
+#define GR_SHMAT_ACL_MSG "denied attach of shared memory of UID %u, PID %d, ID %u by "
+#define GR_UNIX_CHROOT_MSG "denied connect to abstract AF_UNIX socket outside of chroot by "
+#define GR_SHMAT_CHROOT_MSG "denied attach of shared memory outside of chroot by "
+#define GR_KMEM_MSG "attempted write to /dev/kmem by "
+#define GR_PORT_OPEN_MSG "attempted open of /dev/port by "
+#define GR_MEM_WRITE_MSG "attempted write of /dev/mem by "
+#define GR_MEM_MMAP_MSG "attempted mmap write of /dev/[k]mem by "
+#define GR_SYMLINK_MSG "not following symlink %.950s owned by %d.%d by "
 #define GR_LEARN_AUDIT_MSG "%s\t%u\t%u\t%u\t%.4095s\t%.4095s\t%lu\t%lu\t%.4095s\t%lu\t%u.%u.%u.%u"
-#define GR_HIDDEN_ACL_MSG "%s access to hidden file %.950s by " DEFAULTSECMSG
-#define GR_OPEN_ACL_MSG "%s open of %.950s for%s%s by " DEFAULTSECMSG
-#define GR_CREATE_ACL_MSG "%s create of %.950s for%s%s by " DEFAULTSECMSG
-#define GR_FIFO_MSG "denied writing FIFO %.950s of %d.%d by " DEFAULTSECMSG
-#define GR_MKNOD_CHROOT_MSG "refused attempt to mknod %.950s from chroot by " DEFAULTSECMSG
-#define GR_MKNOD_ACL_MSG "%s mknod of %.950s by " DEFAULTSECMSG
-#define GR_UNIXCONNECT_ACL_MSG "%s connect to the unix domain socket %.950s by " DEFAULTSECMSG
-#define GR_MKDIR_ACL_MSG "%s mkdir of %.950s by " DEFAULTSECMSG
-#define GR_RMDIR_ACL_MSG "%s rmdir of %.950s by " DEFAULTSECMSG
-#define GR_UNLINK_ACL_MSG "%s unlink of %.950s by " DEFAULTSECMSG
-#define GR_SYMLINK_ACL_MSG "%s symlink from %.480s to %.480s by " DEFAULTSECMSG
-#define GR_HARDLINK_MSG "denied hardlink of %.930s (owned by %d.%d) to %.30s for " DEFAULTSECMSG
-#define GR_LINK_ACL_MSG "%s link of %.480s to %.480s by " DEFAULTSECMSG
-#define GR_INHERIT_ACL_MSG "successful inherit of %.480s's ACL for %.480s by " DEFAULTSECMSG
-#define GR_RENAME_ACL_MSG "%s rename of %.480s to %.480s by " DEFAULTSECMSG
-#define GR_PTRACE_EXEC_ACL_MSG "denied ptrace of %.950s by " DEFAULTSECMSG
-#define GR_NPROC_MSG "attempt to overstep process limit by " DEFAULTSECMSG
-#define GR_EXEC_ACL_MSG "%s execution of %.950s by " DEFAULTSECMSG
-#define GR_EXEC_TPE_MSG "denied untrusted exec of %.950s by " DEFAULTSECMSG
+#define GR_HIDDEN_ACL_MSG "%s access to hidden file %.950s by "
+#define GR_OPEN_ACL_MSG "%s open of %.950s for%s%s by "
+#define GR_CREATE_ACL_MSG "%s create of %.950s for%s%s by "
+#define GR_FIFO_MSG "denied writing FIFO %.950s of %d.%d by "
+#define GR_MKNOD_CHROOT_MSG "refused attempt to mknod %.950s from chroot by "
+#define GR_MKNOD_ACL_MSG "%s mknod of %.950s by "
+#define GR_UNIXCONNECT_ACL_MSG "%s connect to the unix domain socket %.950s by "
+#define GR_MKDIR_ACL_MSG "%s mkdir of %.950s by "
+#define GR_RMDIR_ACL_MSG "%s rmdir of %.950s by "
+#define GR_UNLINK_ACL_MSG "%s unlink of %.950s by "
+#define GR_SYMLINK_ACL_MSG "%s symlink from %.480s to %.480s by "
+#define GR_HARDLINK_MSG "denied hardlink of %.930s (owned by %d.%d) to %.30s for "
+#define GR_LINK_ACL_MSG "%s link of %.480s to %.480s by "
+#define GR_INHERIT_ACL_MSG "successful inherit of %.480s's ACL for %.480s by "
+#define GR_RENAME_ACL_MSG "%s rename of %.480s to %.480s by "
+#define GR_PTRACE_EXEC_ACL_MSG "denied ptrace of %.950s by "
+#define GR_NPROC_MSG "attempt to overstep process limit by "
+#define GR_EXEC_ACL_MSG "%s execution of %.950s by "
+#define GR_EXEC_TPE_MSG "denied untrusted exec of %.950s by "
 #define GR_SEGVSTART_ACL_MSG "possible exploit bruteforcing on " DEFAULTSECMSG " Banning uid %u from login for %lu seconds"
 #define GR_SEGVNOSUID_ACL_MSG "possible exploit bruteforcing on " DEFAULTSECMSG " Banning execution of [%.16s:%lu] for %lu seconds"
-#define GR_MOUNT_CHROOT_MSG "denied attempt to mount %.30s as %.930s from chroot by " DEFAULTSECMSG
-#define GR_PIVOT_CHROOT_MSG "denied attempt to pivot_root from chroot by " DEFAULTSECMSG
-#define GR_TRUNCATE_ACL_MSG "%s truncate of %.950s by " DEFAULTSECMSG
-#define GR_ATIME_ACL_MSG "%s access time change of %.950s by " DEFAULTSECMSG
-#define GR_ACCESS_ACL_MSG "%s access of %.950s for%s%s%s by " DEFAULTSECMSG
-#define GR_CHROOT_CHROOT_MSG "denied attempt to double chroot to %.950s by " DEFAULTSECMSG
-#define GR_FCHMOD_ACL_MSG "%s fchmod of %.950s by " DEFAULTSECMSG
-#define GR_CHMOD_CHROOT_MSG "denied attempt to chmod +s %.950s by " DEFAULTSECMSG
-#define GR_CHMOD_ACL_MSG "%s chmod of %.950s by " DEFAULTSECMSG
-#define GR_CHROOT_FCHDIR_MSG "attempted fchdir outside of chroot to %.950s by " DEFAULTSECMSG
-#define GR_CHOWN_ACL_MSG "%s chown of %.950s by " DEFAULTSECMSG
-#define GR_WRITLIB_ACL_MSG "denied load of writable library %.950s by " DEFAULTSECMSG
-#define GR_INITF_ACL_MSG "init_variables() failed %s"
+#define GR_MOUNT_CHROOT_MSG "denied attempt to mount %.30s as %.930s from chroot by "
+#define GR_PIVOT_CHROOT_MSG "denied attempt to pivot_root from chroot by "
+#define GR_TRUNCATE_ACL_MSG "%s truncate of %.950s by "
+#define GR_ATIME_ACL_MSG "%s access time change of %.950s by "
+#define GR_ACCESS_ACL_MSG "%s access of %.950s for%s%s%s by "
+#define GR_CHROOT_CHROOT_MSG "denied attempt to double chroot to %.950s by "
+#define GR_FCHMOD_ACL_MSG "%s fchmod of %.950s by "
+#define GR_CHMOD_CHROOT_MSG "denied attempt to chmod +s %.950s by "
+#define GR_CHMOD_ACL_MSG "%s chmod of %.950s by "
+#define GR_CHROOT_FCHDIR_MSG "attempted fchdir outside of chroot to %.950s by "
+#define GR_CHOWN_ACL_MSG "%s chown of %.950s by "
+#define GR_WRITLIB_ACL_MSG "denied load of writable library %.950s by "
+#define GR_INITF_ACL_MSG "init_variables() failed %s by "
 #define GR_DISABLED_ACL_MSG "Error loading %s, trying to run kernel with acls disabled. To disable acls at startup use gracl=off from your boot loader"
-#define GR_DEV_ACL_MSG "/dev/grsec: being fed garbage %d bytes sent %d required"
-#define GR_SHUTS_ACL_MSG "shutdown auth success for " DEFAULTSECMSG
-#define GR_SHUTF_ACL_MSG "shutdown auth failure for " DEFAULTSECMSG
-#define GR_SHUTI_ACL_MSG "ignoring shutdown for disabled RBAC system for " DEFAULTSECMSG
-#define GR_SEGVMODS_ACL_MSG "segvmod auth success for " DEFAULTSECMSG
-#define GR_SEGVMODF_ACL_MSG "segvmod auth failure for " DEFAULTSECMSG
-#define GR_SEGVMODI_ACL_MSG "ignoring segvmod for disabled RBAC system for " DEFAULTSECMSG
-#define GR_ENABLE_ACL_MSG "Loaded %s"
-#define GR_ENABLEF_ACL_MSG "Unable to load %s for " DEFAULTSECMSG " RBAC system may already be enabled."
+#define GR_DEV_ACL_MSG "/dev/grsec: %d bytes sent %d required, being fed garbaged by "
+#define GR_SHUTS_ACL_MSG "shutdown auth success for "
+#define GR_SHUTF_ACL_MSG "shutdown auth failure for "
+#define GR_SHUTI_ACL_MSG "ignoring shutdown for disabled RBAC system for "
+#define GR_SEGVMODS_ACL_MSG "segvmod auth success for "
+#define GR_SEGVMODF_ACL_MSG "segvmod auth failure for "
+#define GR_SEGVMODI_ACL_MSG "ignoring segvmod for disabled RBAC system for "
+#define GR_ENABLE_ACL_MSG "%s RBAC system loaded by "
+#define GR_ENABLEF_ACL_MSG "Unable to load %s for "
 #define GR_RELOADI_ACL_MSG "Ignoring reload request for disabled RBAC system"
-#define GR_RELOAD_ACL_MSG "Reloaded %s"
-#define GR_RELOADF_ACL_MSG "Failed reload of %s for " DEFAULTSECMSG
-#define GR_SPROLEI_ACL_MSG "Ignoring change to special role for disabled RBAC system for " DEFAULTSECMSG
-#define GR_SPROLES_ACL_MSG "successful change to special role %s (id %d) by " DEFAULTSECMSG
-#define GR_SPROLEL_ACL_MSG "special role %s (id %d) exited by " DEFAULTSECMSG
-#define GR_SPROLEF_ACL_MSG "special role %s failure for " DEFAULTSECMSG
-#define GR_UNSPROLEI_ACL_MSG "Ignoring unauth of special role for disabled RBAC system for " DEFAULTSECMSG
-#define GR_UNSPROLES_ACL_MSG "successful unauth of special role %s (id %d) by " DEFAULTSECMSG
-#define GR_UNSPROLEF_ACL_MSG "special role unauth of %s failure for " DEFAULTSECMSG
-#define GR_INVMODE_ACL_MSG "Invalid mode %d by " DEFAULTSECMSG
-#define GR_MAXPW_ACL_MSG "Maximum pw attempts reached (%d), locking password authentication"
-#define GR_MAXROLEPW_ACL_MSG "Maximum pw attempts reached (%d) trying to auth to special role %s, locking auth for role of " DEFAULTSECMSG
-#define GR_PRIORITY_CHROOT_MSG "attempted priority change of process (%.16s:%d) by " DEFAULTSECMSG
-#define GR_CAPSET_CHROOT_MSG "denied capset of (%.16s:%d) within chroot by " DEFAULTSECMSG
-#define GR_FAILFORK_MSG "failed fork with errno %d by " DEFAULTSECMSG
-#define GR_NICE_CHROOT_MSG "attempted priority change by " DEFAULTSECMSG
-#define GR_UNISIGLOG_MSG "signal %d sent to " DEFAULTSECMSG
-#define GR_DUALSIGLOG_MSG "signal %d sent to " DEFAULTSECMSG " by " DEFAULTSECMSG
-#define GR_SIG_ACL_MSG "Attempted send of signal %d to protected task " DEFAULTSECMSG " by " DEFAULTSECMSG
-#define GR_SYSCTL_MSG "attempt to modify grsecurity sysctl value : %.32s by " DEFAULTSECMSG
-#define GR_SYSCTL_ACL_MSG "%s sysctl of %.950s for%s%s by " DEFAULTSECMSG
-#define GR_TIME_MSG "time set by " DEFAULTSECMSG
-#define GR_DEFACL_MSG "Fatal: Unable to find ACL for (%.16s:%d)"
-#define GR_MMAP_ACL_MSG "%s executable mmap of %.950s by " DEFAULTSECMSG
-#define GR_MPROTECT_ACL_MSG "%s executable mprotect of %.950s by " DEFAULTSECMSG
-#define GR_SOCK_MSG "attempted socket(%.16s,%.16s,%.16s) by " DEFAULTSECMSG
-#define GR_SOCK2_MSG "attempted socket(%d,%.16s,%.16s) by " DEFAULTSECMSG
-#define GR_BIND_MSG "attempted bind() by " DEFAULTSECMSG
-#define GR_CONNECT_MSG "attempted connect by " DEFAULTSECMSG
-#define GR_BIND_ACL_MSG "attempted bind to %u.%u.%u.%u port %u sock type %.16s protocol %.16s by " DEFAULTSECMSG
-#define GR_CONNECT_ACL_MSG "attempted connect to %u.%u.%u.%u port %u sock type %.16s protocol %.16s by " DEFAULTSECMSG
+#define GR_RELOAD_ACL_MSG "%s RBAC system reloaded by "
+#define GR_RELOADF_ACL_MSG "Failed reload of %s for "
+#define GR_SPROLEI_ACL_MSG "Ignoring change to special role for disabled RBAC system for "
+#define GR_SPROLES_ACL_MSG "successful change to special role %s (id %d) by "
+#define GR_SPROLEL_ACL_MSG "special role %s (id %d) exited by "
+#define GR_SPROLEF_ACL_MSG "special role %s failure for "
+#define GR_UNSPROLEI_ACL_MSG "Ignoring unauth of special role for disabled RBAC system for "
+#define GR_UNSPROLES_ACL_MSG "successful unauth of special role %s (id %d) by "
+#define GR_UNSPROLEF_ACL_MSG "special role unauth of %s failure for "
+#define GR_INVMODE_ACL_MSG "Invalid mode %d by "
+#define GR_MAXPW_ACL_MSG "Maximum pw attempts reached, locking password authentication for "
+#define GR_MAXROLEPW_ACL_MSG "Maximum pw attempts reached trying to auth to special role %s, locking auth for role of "
+#define GR_PRIORITY_CHROOT_MSG "attempted priority change of process (%.16s:%d) by "
+#define GR_CAPSET_CHROOT_MSG "denied capset of (%.16s:%d) within chroot by "
+#define GR_FAILFORK_MSG "failed fork with errno %d by "
+#define GR_NICE_CHROOT_MSG "attempted priority change by "
+#define GR_UNISIGLOG_MSG "signal %d sent to "
+#define GR_DUALSIGLOG_MSG "signal %d sent to " DEFAULTSECMSG " by "
+#define GR_SIG_ACL_MSG "Attempted send of signal %d to protected task " DEFAULTSECMSG " by "
+#define GR_SYSCTL_MSG "attempt to modify grsecurity sysctl value : %.32s by "
+#define GR_SYSCTL_ACL_MSG "%s sysctl of %.950s for%s%s by "
+#define GR_TIME_MSG "time set by "
+#define GR_DEFACL_MSG "Fatal: Unable to find subject for (%.16s:%d), loaded by "
+#define GR_MMAP_ACL_MSG "%s executable mmap of %.950s by "
+#define GR_MPROTECT_ACL_MSG "%s executable mprotect of %.950s by "
+#define GR_SOCK_MSG "attempted socket(%.16s,%.16s,%.16s) by "
+#define GR_SOCK2_MSG "attempted socket(%d,%.16s,%.16s) by "
+#define GR_BIND_MSG "attempted bind() by "
+#define GR_CONNECT_MSG "attempted connect by "
+#define GR_BIND_ACL_MSG "attempted bind to %u.%u.%u.%u port %u sock type %.16s protocol %.16s by "
+#define GR_CONNECT_ACL_MSG "attempted connect to %u.%u.%u.%u port %u sock type %.16s protocol %.16s by "
 #define GR_IP_LEARN_MSG "%s\t%u\t%u\t%u\t%.4095s\t%.4095s\t%u.%u.%u.%u\t%u\t%u\t%u\t%u\t%u.%u.%u.%u"
-#define GR_EXEC_CHROOT_MSG "exec of %.980s within chroot by process " DEFAULTSECMSG
-#define GR_CAP_ACL_MSG "use of %s denied for " DEFAULTSECMSG
-#define GR_USRCHANGE_ACL_MSG "change to uid %d denied for " DEFAULTSECMSG
-#define GR_GRPCHANGE_ACL_MSG "change to gid %d denied for " DEFAULTSECMSG
-#define GR_REMOUNT_AUDIT_MSG "remount of %.30s by " DEFAULTSECMSG
-#define GR_UNMOUNT_AUDIT_MSG "unmount of %.30s by " DEFAULTSECMSG
-#define GR_MOUNT_AUDIT_MSG "mount %.30s to %.64s by " DEFAULTSECMSG
-#define GR_CHDIR_AUDIT_MSG "chdir to %.980s by " DEFAULTSECMSG
-#define GR_EXEC_AUDIT_MSG "exec of %.930s (%.63s) by " DEFAULTSECMSG
-#define GR_MSGQ_AUDIT_MSG "message queue created by " DEFAULTSECMSG
-#define GR_MSGQR_AUDIT_MSG "message queue of uid:%d euid:%d removed by " DEFAULTSECMSG
-#define GR_SEM_AUDIT_MSG "semaphore created by " DEFAULTSECMSG
-#define GR_SEMR_AUDIT_MSG "semaphore of uid:%d euid:%d removed by " DEFAULTSECMSG
-#define GR_SHM_AUDIT_MSG "shared memory of size %d created by " DEFAULTSECMSG
-#define GR_SHMR_AUDIT_MSG "shared memory of uid:%d euid:%d removed by " DEFAULTSECMSG
-#define GR_RESOURCE_MSG "attempted resource overstep by requesting %lu for %.16s against limit %lu by " DEFAULTSECMSG
-#define GR_TEXTREL_AUDIT_MSG "text relocation in %s, VMA:0x%08lx 0x%08lx by " DEFAULTSECMSG
+#define GR_EXEC_CHROOT_MSG "exec of %.980s within chroot by process "
+#define GR_CAP_ACL_MSG "use of %s denied for "
+#define GR_USRCHANGE_ACL_MSG "change to uid %d denied for "
+#define GR_GRPCHANGE_ACL_MSG "change to gid %d denied for "
+#define GR_REMOUNT_AUDIT_MSG "remount of %.30s by "
+#define GR_UNMOUNT_AUDIT_MSG "unmount of %.30s by "
+#define GR_MOUNT_AUDIT_MSG "mount %.30s to %.64s by "
+#define GR_CHDIR_AUDIT_MSG "%s chdir to %.980s by "
+#define GR_EXEC_AUDIT_MSG "exec of %.930s (%.63s) by "
+#define GR_MSGQ_AUDIT_MSG "message queue created by "
+#define GR_MSGQR_AUDIT_MSG "message queue of uid:%d euid:%d removed by "
+#define GR_SEM_AUDIT_MSG "semaphore created by "
+#define GR_SEMR_AUDIT_MSG "semaphore of uid:%d euid:%d removed by "
+#define GR_SHM_AUDIT_MSG "shared memory of size %d created by "
+#define GR_SHMR_AUDIT_MSG "shared memory of uid:%d euid:%d removed by "
+#define GR_RESOURCE_MSG "attempted resource overstep by requesting %lu for %.16s against limit %lu by "
+#define GR_TEXTREL_AUDIT_MSG "text relocation in %s, VMA:0x%08lx 0x%08lx by "
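Review bot: The new GR_DEV_ACL_MSG text has a typo, "being fed garbaged by"; it should be `#define GR_DEV_ACL_MSG "/dev/grsec: %d bytes sent %d required, being fed garbage by "`. Separately, GR_CHDIR_AUDIT_MSG gains a leading `%s` and GR_MAXPW_ACL_MSG / GR_MAXROLEPW_ACL_MSG lose their `(%d)` attempt counters, so every caller of those three messages must change its argument list in step — and with the new gr_log_varargs() there is no compiler format check to catch a mismatch, only the hand-chosen argtype, so a stale caller reads garbage off the va_list rather than failing to build. Finally, the messages that do not end in " by " / " for " (GR_RELOADI_ACL_MSG, GR_DISABLED_ACL_MSG, and the tab-separated learn formats) will read wrongly if gr_log_varargs() unconditionally appends the DEFAULTSECMSG process description; which path they take is not visible in this diff and is worth a comment next to those lines.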