Received: by 2002:a25:1506:0:0:0:0:0 with SMTP id 6csp4429707ybv; Mon, 10 Feb 2020 19:25:33 -0800 (PST) X-Google-Smtp-Source: APXvYqyfzoMT92oYjgp1exIOy6rb0NmANaXdPXe+4JpZcf6shJx70aCu0HRLUtO+qoCrodamMNHF X-Received: by 2002:a9d:a68:: with SMTP id 95mr3473160otg.87.1581391533379; Mon, 10 Feb 2020 19:25:33 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1581391533; cv=none; d=google.com; s=arc-20160816; b=oh+Sm5OgiCU+c4JDZ+sFTNeovIBhexRHGVBv4BIxxDh6UEaZAwwE13gTV1exDikXrV q4ELqPple/wSXkwKUNxqDDV37ETP5LgwjtmHreZKYRsk3qV9i7PkXu4iQhcppJ+TSQV3 s8qhmO9SBesicOX5M5uhMq+2ndynS7PFayA+B3eM3GFVE5MRc87PIr8QcHTIiMJGLHm0 BemWTkd5aXFl1C9rLTsobD9XPvMOnfL6df8LNDijWGRLHSEeg7O+QY9j25Pok0RX9LNW V+51kG6+aYeB/5gQYFTvnQKKJIyQspiq22pq9ormPt+hM+57+ETb+SKL3nEFobrHpGTt AgmA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:date:cc:to:from:subject :message-id; bh=5SftzJ/HYI2vn5LpHB3F8Mj8sfs/OlUi8P9iBCvkPyI=; b=MbNp7UxMG1H0/n7Rgbd6Rf27NwaE5eUZtdOGdWSmegaaIZWQF255paqAFVy/OKvXUB 3noZ3pOjzVMuOdHCo05vCUoq503rZHaeTAR+nTnKyinQH71XJpVITL05DddcPJR6KRA/ +enJlWR+9i2HVjblOVhTvOcxw7wYnpMOuX8rMSCtHFPe3R+3mewdscmkDoT+PDTwoW/A naMjJaR0ma8w+HTiXwnTeU5OOzDyS1wIuDjhri7n5XhR5VD1E9V/f0k6+hsDOZUeqDBD btqIAJYe8W9YkK0cpEwe8uuBV7xvhk61NTSyOJ9YpJ4LG/e1kv5bKl/g0KYdOANU+Pm6 bCag== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x72si1132537oia.194.2020.02.10.19.25.21; Mon, 10 Feb 2020 19:25:33 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727662AbgBKDZB (ORCPT + 99 others); Mon, 10 Feb 2020 22:25:01 -0500 Received: from smtprelay0200.hostedemail.com ([216.40.44.200]:54147 "EHLO smtprelay.hostedemail.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1727530AbgBKDZA (ORCPT ); Mon, 10 Feb 2020 22:25:00 -0500 Received: from filter.hostedemail.com (clb03-v110.bra.tucows.net [216.40.38.60]) by smtprelay05.hostedemail.com (Postfix) with ESMTP id EC675180295A3; Tue, 11 Feb 2020 03:24:58 +0000 (UTC) X-Session-Marker: 6A6F6540706572636865732E636F6D X-Spam-Summary: 2,0,0,,d41d8cd98f00b204,joe@perches.com,:::::::::::::,RULES_HIT:41:69:355:379:599:960:966:968:982:988:989:1260:1277:1311:1313:1314:1345:1359:1437:1515:1516:1518:1534:1542:1593:1594:1711:1730:1747:1777:1792:2196:2199:2393:2559:2562:2828:2894:2899:3138:3139:3140:3141:3142:3354:3622:3865:3868:3870:3871:4250:4321:4385:4605:5007:7903:8603:9010:9592:10004:10400:11026:11232:11233:11473:11658:11914:12043:12048:12296:12297:12438:12555:12679:12683:12740:12760:12895:13439:14096:14097:14659:14721:21060:21080:21433:21451:21611:21627:21990:30054:30091,0,RBL:none,CacheIP:none,Bayesian:0.5,0.5,0.5,Netcheck:none,DomainCache:0,MSF:not bulk,SPF:,MSBL:0,DNSBL:none,Custom_rules:0:0:0,LFtime:2,LUA_SUMMARY:none X-HE-Tag: soda35_48698b41ae525 X-Filterd-Recvd-Size: 3906 Received: from XPS-9350.home (unknown [47.151.143.254]) (Authenticated sender: joe@perches.com) by omf20.hostedemail.com (Postfix) with ESMTPA; Tue, 11 Feb 2020 03:24:57 +0000 (UTC) Message-ID: <9ed05e364f7eb7ccdeed7c580b3aded8fd8697f7.camel@perches.com> Subject: Re: [PATCH v2 2/3] IMA: Add log statements for failure conditions. From: Joe Perches To: Tushar Sugandhi , zohar@linux.ibm.com, skhan@linuxfoundation.org, linux-integrity@vger.kernel.org Cc: sashal@kernel.org, nramas@linux.microsoft.com, linux-kernel@vger.kernel.org Date: Mon, 10 Feb 2020 19:23:42 -0800 In-Reply-To: <20200211024755.5579-2-tusharsu@linux.microsoft.com> References: <20200211024755.5579-1-tusharsu@linux.microsoft.com> <20200211024755.5579-2-tusharsu@linux.microsoft.com> Content-Type: text/plain; charset="ISO-8859-1" User-Agent: Evolution 3.34.1-2 MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, 2020-02-10 at 18:47 -0800, Tushar Sugandhi wrote: > process_buffer_measurement() and ima_alloc_key_entry() > functions do not have log messages for failure conditions. trivia: > diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c [] > @@ -757,6 +757,9 @@ void process_buffer_measurement(const void *buf, int size, > ima_free_template_entry(entry); > > out: > + if (ret < 0) > + pr_err("Process buffer measurement failed, result: %d\n", ret); perhaps use %s, __func__ pr_err("%s: failed, result: %d\n", __func__, ret); > diff --git a/security/integrity/ima/ima_queue_keys.c b/security/integrity/ima/ima_queue_keys.c [] > @@ -90,6 +90,7 @@ static struct ima_key_entry *ima_alloc_key_entry(struct key *keyring, > > out: > if (rc) { > + pr_err("Key entry allocation failed, result: %d\n", rc); > ima_free_key_entry(entry); > entry = NULL; > } Likely the pr_err is unnecessary here as kmalloc, kstrdup and kmemdup all emit a dump_stack() on allocation failure. Perhaps instead: o Remove unnecessary indentation in ima_free_key_entry by returning early on NULL argument o Remove unnecessary rc, tests and label in ima_alloc_key_entry --- security/integrity/ima/ima_queue_keys.c | 37 +++++++++++++-------------------- 1 file changed, 15 insertions(+), 22 deletions(-) diff --git a/security/integrity/ima/ima_queue_keys.c b/security/integrity/ima/ima_queue_keys.c index c87c722..ba449f 100644 --- a/security/integrity/ima/ima_queue_keys.c +++ b/security/integrity/ima/ima_queue_keys.c @@ -58,42 +58,35 @@ void ima_init_key_queue(void) static void ima_free_key_entry(struct ima_key_entry *entry) { - if (entry) { - kfree(entry->payload); - kfree(entry->keyring_name); - kfree(entry); - } + if (!entry) + return; + + kfree(entry->payload); + kfree(entry->keyring_name); + kfree(entry); } static struct ima_key_entry *ima_alloc_key_entry(struct key *keyring, const void *payload, size_t payload_len) { - int rc = 0; struct ima_key_entry *entry; entry = kzalloc(sizeof(*entry), GFP_KERNEL); - if (entry) { - entry->payload = kmemdup(payload, payload_len, GFP_KERNEL); - entry->keyring_name = kstrdup(keyring->description, - GFP_KERNEL); - entry->payload_len = payload_len; - } - - if ((entry == NULL) || (entry->payload == NULL) || - (entry->keyring_name == NULL)) { - rc = -ENOMEM; - goto out; - } + if (!entry) + return NULL; - INIT_LIST_HEAD(&entry->list); + entry->payload = kmemdup(payload, payload_len, GFP_KERNEL); + entry->payload_len = payload_len; + entry->keyring_name = kstrdup(keyring->description, GFP_KERNEL); -out: - if (rc) { + if (!entry->payload || !entry->keyring_name) { ima_free_key_entry(entry); - entry = NULL; + return NULL; } + INIT_LIST_HEAD(&entry->list); + return entry; }