Re: [PATCH] IMA: Add log statements for failure conditions.

From: Tushar Sugandhi
Date: Mon Feb 10 2020 - 17:19:18 EST


Thanks Mimi.

On 2020-02-10 1:46 p.m., Mimi Zohar wrote:
Hi Tushar,

On Mon, 2020-02-10 at 13:33 -0800, Tushar Sugandhi wrote:
On 2020-02-10 8:50 a.m., Joe Perches wrote:
On Mon, 2020-02-10 at 08:40 -0800, Lakshmi Ramasubramanian wrote:
On 2/9/20 6:46 PM, Joe Perches wrote:

In addition, as Shuah Khan suggested for the security/integrity/
directory, "there is an opportunity here to add #define pr_fmt(fmt)
KBUILD_MODNAME ": " fmt to integrity.h and get rid of duplicate
defines."
Good point - we'll make that change.

With Joe Perches patch (waiting for it to be re-posted),
are all the pr_fmt definitions needed in each file in the
integrity/ima directory?
btw Tushar and Lakshmi:

I am not formally submitting a patch here.

I was just making suggestions and please do
with it as you think appropriate.
Joe - it's not clear to me what you are suggesting.
We'll move the #define for pr_fmt to integrity.h.

What's other changes are you proposing?
https://lore.kernel.org/lkml/4b4ee302f2f97e3907ab03e55a92ccd46b6cf171.camel@xxxxxxxxxxx/

Thanks Joe.

Joe, Shuah:

Could one of you please clarify if the changes proposed in the above URL
will be part of Shuah's future patchset?

Or should I include those in my patchset? I am referring to the
following snippet in security/integrity/integrity.h.

Joe is saying that he made some suggestions, which Shuah commented on,
but has no intention of posting a formal patch. ÂThe end result of
that discussion is to define pr_fmt once in integrity/integrity.h and
remove any duplication in the integrity/ files.

I'd appreciate your including that change in this patch set, and if
needed a similar one in ima/ima.h.
I will add the proposed change to pr_fmt to this patchset.
I will also check if a similar change is needed in ima/ima.h.

thanks,

Mimi