From patchwork Tue Feb 11 02:47:53 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tushar Sugandhi X-Patchwork-Id: 11374717 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 7BCA4138D for ; Tue, 11 Feb 2020 02:48:08 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 49E892080C for ; Tue, 11 Feb 2020 02:48:08 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=linux.microsoft.com header.i=@linux.microsoft.com header.b="ior5+5SM" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727592AbgBKCsI (ORCPT ); Mon, 10 Feb 2020 21:48:08 -0500 Received: from linux.microsoft.com ([13.77.154.182]:49812 "EHLO linux.microsoft.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727575AbgBKCsH (ORCPT ); Mon, 10 Feb 2020 21:48:07 -0500 Received: from tusharsu-Ubuntu.corp.microsoft.com (unknown [131.107.147.225]) by linux.microsoft.com (Postfix) with ESMTPSA id EF1842010ADD; Mon, 10 Feb 2020 18:48:06 -0800 (PST) DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com EF1842010ADD DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.microsoft.com; s=default; t=1581389287; bh=XHJmcrml0bOhkfiWegb1wXW/R0Kk93NkGo6uSyYSInU=; h=From:To:Cc:Subject:Date:From; b=ior5+5SMDkaHnxmhZynCL5epre8DclFeu9Z/Ly8qKQYsQqtotx3PBhep6uejZTu2b cMn5HrWIv9FihR7DsDsXm6LPodd6H3TZaqrm5MNCD2FMxXYpMnEKUA3r+HzE0cqvO4 xruhA+FN7VyFpGZA451xvS+06pzRsVE7+DeEoZCU= From: Tushar Sugandhi To: zohar@linux.ibm.com, joe@perches.com, skhan@linuxfoundation.org, linux-integrity@vger.kernel.org Cc: sashal@kernel.org, nramas@linux.microsoft.com, linux-kernel@vger.kernel.org Subject: [PATCH v2 1/3] IMA: Update KBUILD_MODNAME for IMA files to ima Date: Mon, 10 Feb 2020 18:47:53 -0800 Message-Id: <20200211024755.5579-1-tusharsu@linux.microsoft.com> X-Mailer: git-send-email 2.17.1 Sender: linux-integrity-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-integrity@vger.kernel.org Log statements from ima_mok.c, ima_asymmetric_keys.c, and ima_queue_keys.c are prefixed with the respective file names and not with the string "ima". This change fixes the log statement prefix to be consistent with the rest of the IMA files. Signed-off-by: Tushar Sugandhi Reviewed-by: Lakshmi Ramasubramanian --- security/integrity/ima/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/security/integrity/ima/Makefile b/security/integrity/ima/Makefile index 064a256f8725..67dabca670e2 100644 --- a/security/integrity/ima/Makefile +++ b/security/integrity/ima/Makefile @@ -11,6 +11,6 @@ ima-y := ima_fs.o ima_queue.o ima_init.o ima_main.o ima_crypto.o ima_api.o \ ima-$(CONFIG_IMA_APPRAISE) += ima_appraise.o ima-$(CONFIG_IMA_APPRAISE_MODSIG) += ima_modsig.o ima-$(CONFIG_HAVE_IMA_KEXEC) += ima_kexec.o -obj-$(CONFIG_IMA_BLACKLIST_KEYRING) += ima_mok.o -obj-$(CONFIG_IMA_MEASURE_ASYMMETRIC_KEYS) += ima_asymmetric_keys.o -obj-$(CONFIG_IMA_QUEUE_EARLY_BOOT_KEYS) += ima_queue_keys.o +ima-$(CONFIG_IMA_BLACKLIST_KEYRING) += ima_mok.o +ima-$(CONFIG_IMA_MEASURE_ASYMMETRIC_KEYS) += ima_asymmetric_keys.o +ima-$(CONFIG_IMA_QUEUE_EARLY_BOOT_KEYS) += ima_queue_keys.o From patchwork Tue Feb 11 02:47:54 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tushar Sugandhi X-Patchwork-Id: 11374719 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id A88EC17F0 for ; Tue, 11 Feb 2020 02:48:08 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 7CC3B20842 for ; Tue, 11 Feb 2020 02:48:08 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=linux.microsoft.com header.i=@linux.microsoft.com header.b="OVMZvnwj" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727662AbgBKCsI (ORCPT ); Mon, 10 Feb 2020 21:48:08 -0500 Received: from linux.microsoft.com ([13.77.154.182]:49814 "EHLO linux.microsoft.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727530AbgBKCsH (ORCPT ); Mon, 10 Feb 2020 21:48:07 -0500 Received: from tusharsu-Ubuntu.corp.microsoft.com (unknown [131.107.147.225]) by linux.microsoft.com (Postfix) with ESMTPSA id 1F6BD20B9C02; Mon, 10 Feb 2020 18:48:07 -0800 (PST) DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 1F6BD20B9C02 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.microsoft.com; s=default; t=1581389287; bh=ta2+cPR+SWW5mggrKQmNME5B7299QZqk4q419Roxmxc=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=OVMZvnwjzElk5Wr6POy145pylvqcbHDDrhGk62NDUF/22/eNnpDwjzHEt4KbjQiTM wECK9nh8RM4cDy7WIO7MtHw+0uKUjp8Y9eBYn17GH3Wi9Elo1pbeKn+ZIa+8yPp+1L 8VKdWwIfqX7xq+sQAyZdONGMDqQfvqZ8fkhl9LyU= From: Tushar Sugandhi To: zohar@linux.ibm.com, joe@perches.com, skhan@linuxfoundation.org, linux-integrity@vger.kernel.org Cc: sashal@kernel.org, nramas@linux.microsoft.com, linux-kernel@vger.kernel.org Subject: [PATCH v2 2/3] IMA: Add log statements for failure conditions. Date: Mon, 10 Feb 2020 18:47:54 -0800 Message-Id: <20200211024755.5579-2-tusharsu@linux.microsoft.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200211024755.5579-1-tusharsu@linux.microsoft.com> References: <20200211024755.5579-1-tusharsu@linux.microsoft.com> Sender: linux-integrity-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-integrity@vger.kernel.org process_buffer_measurement() and ima_alloc_key_entry() functions do not have log messages for failure conditions. This change adds log statements in the above functions. Signed-off-by: Tushar Sugandhi Reviewed-by: Lakshmi Ramasubramanian --- security/integrity/ima/ima_main.c | 3 +++ security/integrity/ima/ima_queue_keys.c | 1 + 2 files changed, 4 insertions(+) diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index 9fe949c6a530..ee01ee34eec8 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c @@ -757,6 +757,9 @@ void process_buffer_measurement(const void *buf, int size, ima_free_template_entry(entry); out: + if (ret < 0) + pr_err("Process buffer measurement failed, result: %d\n", ret); + return; } diff --git a/security/integrity/ima/ima_queue_keys.c b/security/integrity/ima/ima_queue_keys.c index c87c72299191..6a9ee52649c4 100644 --- a/security/integrity/ima/ima_queue_keys.c +++ b/security/integrity/ima/ima_queue_keys.c @@ -90,6 +90,7 @@ static struct ima_key_entry *ima_alloc_key_entry(struct key *keyring, out: if (rc) { + pr_err("Key entry allocation failed, result: %d\n", rc); ima_free_key_entry(entry); entry = NULL; } From patchwork Tue Feb 11 02:47:55 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tushar Sugandhi X-Patchwork-Id: 11374721 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 10B4514B4 for ; Tue, 11 Feb 2020 02:48:15 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id DDE9420733 for ; Tue, 11 Feb 2020 02:48:14 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=linux.microsoft.com header.i=@linux.microsoft.com header.b="WfyVV4BI" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727530AbgBKCsK (ORCPT ); Mon, 10 Feb 2020 21:48:10 -0500 Received: from linux.microsoft.com ([13.77.154.182]:49832 "EHLO linux.microsoft.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727588AbgBKCsI (ORCPT ); Mon, 10 Feb 2020 21:48:08 -0500 Received: from tusharsu-Ubuntu.corp.microsoft.com (unknown [131.107.147.225]) by linux.microsoft.com (Postfix) with ESMTPSA id 434DA20B9C2F; Mon, 10 Feb 2020 18:48:07 -0800 (PST) DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 434DA20B9C2F DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.microsoft.com; s=default; t=1581389287; bh=t+ShYf2XwSIyB1oBmjrPH0u1zCu+ztC602aYBU8hwlU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=WfyVV4BIL9kMrlTb9lQHGt6nSvMxsefl04N3zwcZHLc2zdr+GvKhlRQz9cnIZw7fy pwsBURPcx7b0iGSLJOxx8xJYuY30TyRD6UlRyGxevW1ooR55Ku6no/7L9Nqo6rVO94 h6pzj3uPyN6e/G4llia+vyBgEd8mvl+H+f3K/41A= From: Tushar Sugandhi To: zohar@linux.ibm.com, joe@perches.com, skhan@linuxfoundation.org, linux-integrity@vger.kernel.org Cc: sashal@kernel.org, nramas@linux.microsoft.com, linux-kernel@vger.kernel.org Subject: [PATCH v2 3/3] IMA: Add module name and base name prefix to log Date: Mon, 10 Feb 2020 18:47:55 -0800 Message-Id: <20200211024755.5579-3-tusharsu@linux.microsoft.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200211024755.5579-1-tusharsu@linux.microsoft.com> References: <20200211024755.5579-1-tusharsu@linux.microsoft.com> Sender: linux-integrity-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-integrity@vger.kernel.org The #define for formatting log messages, pr_fmt, is duplicated in the files under security/integrity. This change moves the definition to security/integrity/integrity.h and removes the duplicate definitions in the other files under security/integrity. Also, it adds KBUILD_MODNAME and KBUILD_BASENAME prefix to the log messages. Signed-off-by: Tushar Sugandhi Reviewed-by: Lakshmi Ramasubramanian Suggested-by: Joe Perches Suggested-by: Shuah Khan --- security/integrity/digsig.c | 2 -- security/integrity/digsig_asymmetric.c | 2 -- security/integrity/evm/evm_crypto.c | 2 -- security/integrity/evm/evm_main.c | 2 -- security/integrity/evm/evm_secfs.c | 2 -- security/integrity/ima/ima_asymmetric_keys.c | 2 -- security/integrity/ima/ima_crypto.c | 2 -- security/integrity/ima/ima_fs.c | 2 -- security/integrity/ima/ima_init.c | 2 -- security/integrity/ima/ima_kexec.c | 1 - security/integrity/ima/ima_main.c | 2 -- security/integrity/ima/ima_policy.c | 2 -- security/integrity/ima/ima_queue.c | 2 -- security/integrity/ima/ima_queue_keys.c | 2 -- security/integrity/ima/ima_template.c | 2 -- security/integrity/ima/ima_template_lib.c | 2 -- security/integrity/integrity.h | 6 ++++++ 17 files changed, 6 insertions(+), 31 deletions(-) diff --git a/security/integrity/digsig.c b/security/integrity/digsig.c index ea1aae3d07b3..e9cbadade74b 100644 --- a/security/integrity/digsig.c +++ b/security/integrity/digsig.c @@ -6,8 +6,6 @@ * Dmitry Kasatkin */ -#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt - #include #include #include diff --git a/security/integrity/digsig_asymmetric.c b/security/integrity/digsig_asymmetric.c index 55aec161d0e1..4e0d6778277e 100644 --- a/security/integrity/digsig_asymmetric.c +++ b/security/integrity/digsig_asymmetric.c @@ -6,8 +6,6 @@ * Dmitry Kasatkin */ -#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt - #include #include #include diff --git a/security/integrity/evm/evm_crypto.c b/security/integrity/evm/evm_crypto.c index d485f6fc908e..35682852ddea 100644 --- a/security/integrity/evm/evm_crypto.c +++ b/security/integrity/evm/evm_crypto.c @@ -10,8 +10,6 @@ * Using root's kernel master key (kmk), calculate the HMAC */ -#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt - #include #include #include diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c index f9a81b187fae..d361d7fdafc4 100644 --- a/security/integrity/evm/evm_main.c +++ b/security/integrity/evm/evm_main.c @@ -11,8 +11,6 @@ * evm_inode_removexattr, and evm_verifyxattr */ -#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt - #include #include #include diff --git a/security/integrity/evm/evm_secfs.c b/security/integrity/evm/evm_secfs.c index c11c1f7b3ddd..39ad1038d45d 100644 --- a/security/integrity/evm/evm_secfs.c +++ b/security/integrity/evm/evm_secfs.c @@ -10,8 +10,6 @@ * - Get the key and enable EVM */ -#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt - #include #include #include diff --git a/security/integrity/ima/ima_asymmetric_keys.c b/security/integrity/ima/ima_asymmetric_keys.c index 7678f0e3e84d..aaae80c4e376 100644 --- a/security/integrity/ima/ima_asymmetric_keys.c +++ b/security/integrity/ima/ima_asymmetric_keys.c @@ -9,8 +9,6 @@ * create or update. */ -#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt - #include #include "ima.h" diff --git a/security/integrity/ima/ima_crypto.c b/security/integrity/ima/ima_crypto.c index 7967a6904851..423c84f95a14 100644 --- a/security/integrity/ima/ima_crypto.c +++ b/security/integrity/ima/ima_crypto.c @@ -10,8 +10,6 @@ * Calculates md5/sha1 file hash, template hash, boot-aggreate hash */ -#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt - #include #include #include diff --git a/security/integrity/ima/ima_fs.c b/security/integrity/ima/ima_fs.c index 2000e8df0301..a71e822a6e92 100644 --- a/security/integrity/ima/ima_fs.c +++ b/security/integrity/ima/ima_fs.c @@ -12,8 +12,6 @@ * current measurement list and IMA statistics */ -#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt - #include #include #include diff --git a/security/integrity/ima/ima_init.c b/security/integrity/ima/ima_init.c index 195cb4079b2b..567468188a61 100644 --- a/security/integrity/ima/ima_init.c +++ b/security/integrity/ima/ima_init.c @@ -11,8 +11,6 @@ * initialization and cleanup functions */ -#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt - #include #include #include diff --git a/security/integrity/ima/ima_kexec.c b/security/integrity/ima/ima_kexec.c index 9e94eca48b89..121de3e04af2 100644 --- a/security/integrity/ima/ima_kexec.c +++ b/security/integrity/ima/ima_kexec.c @@ -6,7 +6,6 @@ * Thiago Jung Bauermann * Mimi Zohar */ -#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt #include #include diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index ee01ee34eec8..e78d0aa665f3 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c @@ -15,8 +15,6 @@ * and ima_file_check. */ -#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt - #include #include #include diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c index 453427048999..c334e0dc6083 100644 --- a/security/integrity/ima/ima_policy.c +++ b/security/integrity/ima/ima_policy.c @@ -7,8 +7,6 @@ * - initialize default measure policy rules */ -#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt - #include #include #include diff --git a/security/integrity/ima/ima_queue.c b/security/integrity/ima/ima_queue.c index 1ce8b1701566..8753212ddb18 100644 --- a/security/integrity/ima/ima_queue.c +++ b/security/integrity/ima/ima_queue.c @@ -15,8 +15,6 @@ * ever removed or changed during the boot-cycle. */ -#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt - #include #include #include "ima.h" diff --git a/security/integrity/ima/ima_queue_keys.c b/security/integrity/ima/ima_queue_keys.c index 6a9ee52649c4..ffd78f09c5b6 100644 --- a/security/integrity/ima/ima_queue_keys.c +++ b/security/integrity/ima/ima_queue_keys.c @@ -8,8 +8,6 @@ * Enables deferred processing of keys */ -#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt - #include #include #include "ima.h" diff --git a/security/integrity/ima/ima_template.c b/security/integrity/ima/ima_template.c index 6aa6408603e3..062d9ad49afb 100644 --- a/security/integrity/ima/ima_template.c +++ b/security/integrity/ima/ima_template.c @@ -9,8 +9,6 @@ * Helpers to manage template descriptors. */ -#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt - #include #include "ima.h" #include "ima_template_lib.h" diff --git a/security/integrity/ima/ima_template_lib.c b/security/integrity/ima/ima_template_lib.c index 32ae05d88257..9cd1e50f3ccc 100644 --- a/security/integrity/ima/ima_template_lib.c +++ b/security/integrity/ima/ima_template_lib.c @@ -9,8 +9,6 @@ * Library of supported template fields. */ -#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt - #include "ima_template_lib.h" static bool ima_template_hash_algo_allowed(u8 algo) diff --git a/security/integrity/integrity.h b/security/integrity/integrity.h index 73fc286834d7..b1bb4d2263be 100644 --- a/security/integrity/integrity.h +++ b/security/integrity/integrity.h @@ -6,6 +6,12 @@ * Mimi Zohar */ +#ifdef pr_fmt +#undef pr_fmt +#endif + +#define pr_fmt(fmt) KBUILD_MODNAME ": " KBUILD_BASENAME ": " fmt + #include #include #include