Re: [PATCH] IMA: Add log statements for failure conditions.

[Tushar Sugandhi]

On 2020-02-10 8:50 a.m., Joe Perches wrote:
> On Mon, 2020-02-10 at 08:40 -0800, Lakshmi Ramasubramanian wrote:
> > On 2/9/20 6:46 PM, Joe Perches wrote:
> >
> > > > In addition, as Shuah Khan suggested for the security/integrity/
> > > > directory, "there is an opportunity here to add #define pr_fmt(fmt)
> > > > KBUILD_MODNAME ": " fmt to integrity.h and get rid of duplicate
> > > > defines."
> >
> > Good point - we'll make that change.
> >
> > With Joe Perches patch (waiting for it to be re-posted),
> > > > are all the pr_fmt definitions needed in each file in the
> > > > integrity/ima directory?
> > >
> > > btw Tushar and Lakshmi:
> > >
> > > I am not formally submitting a patch here.
> > >
> > > I was just making suggestions and please do
> > > with it as you think appropriate.
> >
> > Joe - it's not clear to me what you are suggesting.
> > We'll move the #define for pr_fmt to integrity.h.
> >
> > What's other changes are you proposing?
>
> https://lore.kernel.org/lkml/4b4ee302f2f97e3907ab03e55a92ccd46b6cf171.camel@xxxxxxxxxxx/
Thanks Joe.

Joe, Shuah:

Could one of you please clarify if the changes proposed in the above URL 
will be part of Shuah's future patchset?

Or should I include those in my patchset? I am referring to the 
following snippet in security/integrity/integrity.h.


+#ifdef pr_fmt
+#undef pr_fmt
+#endif
+
+#define pr_fmt(fmt) KBUILD_MODNAME ": " KBUILD_BASENAME ": " fmt
+

If I add the above in my patchset, I believe I should remove #defines 
for pr_fmt in the .c files under /security/integrity? (except the below one)
latform_certs/efi_parser.c:#define pr_fmt(fmt) "EFI: "fmt

Please let me know.

Thanks,
Tushar