Re: [PATCH 1/8] security: Use a more current logging style

From: Serge Hallyn
Date: Tue Feb 25 2014 - 14:10:23 EST


Quoting Joe Perches (joe@xxxxxxxxxxx):
> Convert printks to pr_<level>.
> Add pr_fmt to prefix output with "security: " or "capability: "
> Coalesce formats.
> Use a generic string for pr_debug to reduce object size.
>
> Signed-off-by: Joe Perches <joe@xxxxxxxxxxx>
> ---

Acked-by: Serge E. Hallyn <serge.hallyn@xxxxxxxxxx>

Though should warn_setuid_and_fcaps_mixed be using
pr_info_once()?

> security/capability.c | 16 +++++++++-------
> security/commoncap.c | 15 ++++++++-------
> security/security.c | 4 +++-
> 3 files changed, 20 insertions(+), 15 deletions(-)
>
> diff --git a/security/capability.c b/security/capability.c
> index 8b4f24a..086af9b 100644
> --- a/security/capability.c
> +++ b/security/capability.c
> @@ -10,6 +10,8 @@
> *
> */
>
> +#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
> +
> #include <linux/security.h>
>
> static int cap_syslog(int type)
> @@ -914,13 +916,13 @@ static void cap_audit_rule_free(void *lsmrule)
> #endif /* CONFIG_AUDIT */
>
> #define set_to_cap_if_null(ops, function) \
> - do { \
> - if (!ops->function) { \
> - ops->function = cap_##function; \
> - pr_debug("Had to override the " #function \
> - " security operation with the default.\n");\
> - } \
> - } while (0)
> +do { \
> + if (!ops->function) { \
> + ops->function = cap_##function; \
> + pr_debug("Had to override the %s security operation with the default\n", \
> + #function); \
> + } \
> +} while (0)
>
> void __init security_fixup_ops(struct security_operations *ops)
> {
> diff --git a/security/commoncap.c b/security/commoncap.c
> index b9d613e..b5c3bc4 100644
> --- a/security/commoncap.c
> +++ b/security/commoncap.c
> @@ -7,6 +7,8 @@
> *
> */
>
> +#define pr_fmt(fmt) "capability: " fmt
> +
> #include <linux/capability.h>
> #include <linux/audit.h>
> #include <linux/module.h>
> @@ -46,9 +48,8 @@ static void warn_setuid_and_fcaps_mixed(const char *fname)
> {
> static int warned;
> if (!warned) {
> - printk(KERN_INFO "warning: `%s' has both setuid-root and"
> - " effective capabilities. Therefore not raising all"
> - " capabilities.\n", fname);
> + pr_info("warning: `%s' has both setuid-root and effective capabilities, therefore not raising all capabilities\n",
> + fname);
> warned = 1;
> }
> }
> @@ -448,8 +449,8 @@ static int get_file_caps(struct linux_binprm *bprm, bool *effective, bool *has_c
> rc = get_vfs_caps_from_disk(dentry, &vcaps);
> if (rc < 0) {
> if (rc == -EINVAL)
> - printk(KERN_NOTICE "%s: get_vfs_caps_from_disk returned %d for %s\n",
> - __func__, rc, bprm->filename);
> + pr_notice("%s: get_vfs_caps_from_disk returned %d for %s\n",
> + __func__, rc, bprm->filename);
> else if (rc == -ENODATA)
> rc = 0;
> goto out;
> @@ -457,8 +458,8 @@ static int get_file_caps(struct linux_binprm *bprm, bool *effective, bool *has_c
>
> rc = bprm_caps_from_vfs_caps(&vcaps, bprm, effective, has_cap);
> if (rc == -EINVAL)
> - printk(KERN_NOTICE "%s: cap_from_disk returned %d for %s\n",
> - __func__, rc, bprm->filename);
> + pr_notice("%s: cap_from_disk returned %d for %s\n",
> + __func__, rc, bprm->filename);
>
> out:
> dput(dentry);
> diff --git a/security/security.c b/security/security.c
> index 15b6928..53d1885 100644
> --- a/security/security.c
> +++ b/security/security.c
> @@ -11,6 +11,8 @@
> * (at your option) any later version.
> */
>
> +#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
> +
> #include <linux/capability.h>
> #include <linux/dcache.h>
> #include <linux/module.h>
> @@ -64,7 +66,7 @@ static void __init do_security_initcalls(void)
> */
> int __init security_init(void)
> {
> - printk(KERN_INFO "Security Framework initialized\n");
> + pr_info("Security Framework initialized\n");
>
> security_fixup_ops(&default_security_ops);
> security_ops = &default_security_ops;
> --
> 1.8.1.2.459.gbcd45b4.dirty
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/