[v3,0/3] IMA: improve log messages in IMA

Message ID	20200211231414.6640-1-tusharsu@linux.microsoft.com (mailing list archive)
Headers	show Return-Path: <SRS0=Yr3x=37=vger.kernel.org=linux-integrity-owner@kernel.org> From: Tushar Sugandhi <tusharsu@linux.microsoft.com> To: zohar@linux.ibm.com, joe@perches.com, skhan@linuxfoundation.org, linux-integrity@vger.kernel.org Cc: sashal@kernel.org, nramas@linux.microsoft.com, linux-kernel@vger.kernel.org Subject: [PATCH v3 0/3] IMA: improve log messages in IMA Date: Tue, 11 Feb 2020 15:14:11 -0800 Message-Id: <20200211231414.6640-1-tusharsu@linux.microsoft.com> Sender: linux-integrity-owner@vger.kernel.org Precedence: bulk
Series	IMA: improve log messages in IMA \| expand [v3,0/3] IMA: improve log messages in IMA [v3,1/3] IMA: Update KBUILD_MODNAME for IMA files to ima [v3,2/3] IMA: Add log statements for failure conditions. [v3,3/3] IMA: Add module name and base name prefix to log.

Message ID

20200211231414.6640-1-tusharsu@linux.microsoft.com (mailing list archive)

Headers

From: Tushar Sugandhi <tusharsu@linux.microsoft.com>
To: zohar@linux.ibm.com, joe@perches.com, skhan@linuxfoundation.org,
        linux-integrity@vger.kernel.org
Cc: sashal@kernel.org, nramas@linux.microsoft.com,
        linux-kernel@vger.kernel.org
Subject: [PATCH v3 0/3] IMA: improve log messages in IMA
Date: Tue, 11 Feb 2020 15:14:11 -0800
Message-Id: <20200211231414.6640-1-tusharsu@linux.microsoft.com>
Sender: linux-integrity-owner@vger.kernel.org
Precedence: bulk

Series

IMA: improve log messages in IMA | expand

Message

Tushar Sugandhi Feb. 11, 2020, 11:14 p.m. UTC

Some files under IMA prefix the log statement with the respective file
names and not with the string "ima". This is not consistent with the rest
of the IMA files.

The function process_buffer_measurement() does not have log messages for
failure conditions.

The #define for formatting log messages, pr_fmt, is duplicated in the
files under security/integrity.

This patchset addresses the above issues.

Tushar Sugandhi (3):
  add log prefix to ima_mok.c, ima_asymmetric_keys.c, ima_queue_keys.c
  add log message to process_buffer_measurement failure conditions
  add module name and base name prefix to log statements

 security/integrity/digsig.c                  | 2 --
 security/integrity/digsig_asymmetric.c       | 2 --
 security/integrity/evm/evm_crypto.c          | 2 --
 security/integrity/evm/evm_main.c            | 2 --
 security/integrity/evm/evm_secfs.c           | 2 --
 security/integrity/ima/Makefile              | 6 +++---
 security/integrity/ima/ima_asymmetric_keys.c | 2 --
 security/integrity/ima/ima_crypto.c          | 2 --
 security/integrity/ima/ima_fs.c              | 2 --
 security/integrity/ima/ima_init.c            | 2 --
 security/integrity/ima/ima_kexec.c           | 1 -
 security/integrity/ima/ima_main.c            | 5 +++--
 security/integrity/ima/ima_policy.c          | 2 --
 security/integrity/ima/ima_queue.c           | 2 --
 security/integrity/ima/ima_queue_keys.c      | 2 --
 security/integrity/ima/ima_template.c        | 2 --
 security/integrity/ima/ima_template_lib.c    | 2 --
 security/integrity/integrity.h               | 6 ++++++
 18 files changed, 12 insertions(+), 34 deletions(-)

Comments

Mimi Zohar Feb. 12, 2020, 3:23 p.m. UTC | #1

Hi Tushar,

"in IMA" is redundant in the above Subject line.

On Tue, 2020-02-11 at 15:14 -0800, Tushar Sugandhi wrote:
> Some files under IMA prefix the log statement with the respective file
> names and not with the string "ima". This is not consistent with the rest
> of the IMA files.
> 
> The function process_buffer_measurement() does not have log messages for
> failure conditions.
> 
> The #define for formatting log messages, pr_fmt, is duplicated in the
> files under security/integrity.
> 
> This patchset addresses the above issues.

The cover letter should provide a summary of the problem(s) being
addressed by the individual patches, not a repetition of the
individual patch descriptions.

Mimi

> 
> Tushar Sugandhi (3):
>   add log prefix to ima_mok.c, ima_asymmetric_keys.c, ima_queue_keys.c
>   add log message to process_buffer_measurement failure conditions
>   add module name and base name prefix to log statements
> 
>  security/integrity/digsig.c                  | 2 --
>  security/integrity/digsig_asymmetric.c       | 2 --
>  security/integrity/evm/evm_crypto.c          | 2 --
>  security/integrity/evm/evm_main.c            | 2 --
>  security/integrity/evm/evm_secfs.c           | 2 --
>  security/integrity/ima/Makefile              | 6 +++---
>  security/integrity/ima/ima_asymmetric_keys.c | 2 --
>  security/integrity/ima/ima_crypto.c          | 2 --
>  security/integrity/ima/ima_fs.c              | 2 --
>  security/integrity/ima/ima_init.c            | 2 --
>  security/integrity/ima/ima_kexec.c           | 1 -
>  security/integrity/ima/ima_main.c            | 5 +++--
>  security/integrity/ima/ima_policy.c          | 2 --
>  security/integrity/ima/ima_queue.c           | 2 --
>  security/integrity/ima/ima_queue_keys.c      | 2 --
>  security/integrity/ima/ima_template.c        | 2 --
>  security/integrity/ima/ima_template_lib.c    | 2 --
>  security/integrity/integrity.h               | 6 ++++++
>  18 files changed, 12 insertions(+), 34 deletions(-)
>

Tushar Sugandhi Feb. 12, 2020, 10:22 p.m. UTC | #2

On 2020-02-12 7:23 a.m., Mimi Zohar wrote:
> Hi Tushar,
> 
> "in IMA" is redundant in the above Subject line.
> 
Thanks Mimi. I will fix it in the next iteration.

> On Tue, 2020-02-11 at 15:14 -0800, Tushar Sugandhi wrote:
>> Some files under IMA prefix the log statement with the respective file
>> names and not with the string "ima". This is not consistent with the rest
>> of the IMA files.
>>
>> The function process_buffer_measurement() does not have log messages for
>> failure conditions.
>>
>> The #define for formatting log messages, pr_fmt, is duplicated in the
>> files under security/integrity.
>>
>> This patchset addresses the above issues.
> 
> The cover letter should provide a summary of the problem(s) being
> addressed by the individual patches, not a repetition of the
> individual patch descriptions.
> 
Thanks. I will fix the cover letter description in the next iteration.

> Mimi
> 
>>
>> Tushar Sugandhi (3):
>>    add log prefix to ima_mok.c, ima_asymmetric_keys.c, ima_queue_keys.c
>>    add log message to process_buffer_measurement failure conditions
>>    add module name and base name prefix to log statements
>>
>>   security/integrity/digsig.c                  | 2 --
>>   security/integrity/digsig_asymmetric.c       | 2 --
>>   security/integrity/evm/evm_crypto.c          | 2 --
>>   security/integrity/evm/evm_main.c            | 2 --
>>   security/integrity/evm/evm_secfs.c           | 2 --
>>   security/integrity/ima/Makefile              | 6 +++---
>>   security/integrity/ima/ima_asymmetric_keys.c | 2 --
>>   security/integrity/ima/ima_crypto.c          | 2 --
>>   security/integrity/ima/ima_fs.c              | 2 --
>>   security/integrity/ima/ima_init.c            | 2 --
>>   security/integrity/ima/ima_kexec.c           | 1 -
>>   security/integrity/ima/ima_main.c            | 5 +++--
>>   security/integrity/ima/ima_policy.c          | 2 --
>>   security/integrity/ima/ima_queue.c           | 2 --
>>   security/integrity/ima/ima_queue_keys.c      | 2 --
>>   security/integrity/ima/ima_template.c        | 2 --
>>   security/integrity/ima/ima_template_lib.c    | 2 --
>>   security/integrity/integrity.h               | 6 ++++++
>>   18 files changed, 12 insertions(+), 34 deletions(-)
>>