Received: by 2002:a25:683:0:0:0:0:0 with SMTP id 125csp1525201ybg; Thu, 4 Jun 2020 11:54:28 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwtWHMimebFrMs0fBVb3cWBtGzsaKAEVXjIhDa0xyRp+zVwWqqFoeNTpWHplp1H5m/z77c0 X-Received: by 2002:a17:906:48d8:: with SMTP id d24mr5004040ejt.369.1591296868451; Thu, 04 Jun 2020 11:54:28 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1591296868; cv=none; d=google.com; s=arc-20160816; b=wIrBufv43+HCD8x+v8n7NFZeIiQB+QEnJztL6UwZ/nbyEkhfC2jNCLbwwxrtOUAwSi +hT7QUsZ9P8+D4v7tvHxk7WQB50lWPBLj8eFR9dZv8CHPiKxPun+ZvwejG+nqkL0fuL5 OCmC7bUbVxvksZ4lgSu7s1cCIFUku9VVLPrh6LdApFpqV+FY4BqNwkNxT0sGPQVs7VT5 wuhQVKypplJnhEfPwZ3G2UyfBcLOi7SjDq2bAKQrefAc8e8MdhJzEI/x8i0LYRemjWUj aY5o/olnJASRx4htT3y1SkBUS958a68mEIO2SChfK9Yk7dR8ywxQxHrhvdiwHswZb5IH crnw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature:dkim-filter; bh=HSE+hmGxuCSoZdoQKdpxxvMKb/F1FAb7gfSJdIw8nJw=; b=DxiJUaMJX+25EjR/RVCQFUO3zYxzFOSBu1cvDByrsLM5TBpisbKWi/dyILT5i+Z/xl ugeY6ul+pNX11w4ln5FRYJUQNAmAO8EuSZIK6/PL8UPgHhqd85KhlJsIX11NfCe7N8M0 OSXa1d0u7WbtifxjtCRTUUKIh/njYrNbuOC9CO7kMSuHI3/TzdaPxjiFq7iujp/Ao5GV 7tcpHkblxnEqfZ3+vOBzsbRLwDSFCkTagbqu8Lq86pVRx49fHWnMRFNhwUsys2of/QXg 4PR7q076JdJO6xvnWGcE62wtU8VzYU+Ie5lAhAyDtgVE7PXjShgeeRnhHmlemD90dFNx Ca9g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux.microsoft.com header.s=default header.b=PykBJqC3; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.microsoft.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id a17si2063096eju.694.2020.06.04.11.54.05; Thu, 04 Jun 2020 11:54:28 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linux.microsoft.com header.s=default header.b=PykBJqC3; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.microsoft.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729755AbgFDQcs (ORCPT + 99 others); Thu, 4 Jun 2020 12:32:48 -0400 Received: from linux.microsoft.com ([13.77.154.182]:42596 "EHLO linux.microsoft.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729115AbgFDQcs (ORCPT ); Thu, 4 Jun 2020 12:32:48 -0400 Received: from localhost.localdomain (c-73-42-176-67.hsd1.wa.comcast.net [73.42.176.67]) by linux.microsoft.com (Postfix) with ESMTPSA id B42CB20B7185; Thu, 4 Jun 2020 09:32:47 -0700 (PDT) DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com B42CB20B7185 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.microsoft.com; s=default; t=1591288367; bh=HSE+hmGxuCSoZdoQKdpxxvMKb/F1FAb7gfSJdIw8nJw=; h=From:To:Cc:Subject:Date:From; b=PykBJqC3/hrZtyBrGfy1EsHeBOraUlEDJ0Q/0jAvxU1higWxhzg87HS6DT0j/i9sH +l8uSI5aZH3LZMF8RqRNGKyJJvP/ndOb4OtxdpgyDAioH6E9vHvi7ecTvrjL4D2xsl 44Fatr8JRYL994Zcq4NQcOGIWFCbKPY3wGJGdG64= From: Lakshmi Ramasubramanian To: zohar@linux.ibm.com, linux-integrity@vger.kernel.org Cc: tusharsu@linux.microsoft.com, linux-kernel@vger.kernel.org Subject: [PATCH] IMA: Add log statements for failure conditions Date: Thu, 4 Jun 2020 09:32:43 -0700 Message-Id: <20200604163243.2575-1-nramas@linux.microsoft.com> X-Mailer: git-send-email 2.27.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The final log statement in process_buffer_measurement() for failure condition is at debug level. This does not log the message unless the system log level is raised which would significantly increase the messages in the system log. Change this log message to error level, and add eventname and ima_hooks enum to the message for better triaging failures in the function. ima_alloc_key_entry() does not log a message for failure condition. Add an error message for failure condition in this function. Signed-off-by: Lakshmi Ramasubramanian --- security/integrity/ima/ima_main.c | 3 ++- security/integrity/ima/ima_queue_keys.c | 2 ++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index 9d0abedeae77..3b371f31597b 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c @@ -756,7 +756,8 @@ void process_buffer_measurement(const void *buf, int size, out: if (ret < 0) - pr_devel("%s: failed, result: %d\n", __func__, ret); + pr_err("%s failed. eventname: %s, func: %d, result: %d\n", + __func__, eventname, func, ret); return; } diff --git a/security/integrity/ima/ima_queue_keys.c b/security/integrity/ima/ima_queue_keys.c index cb3e3f501593..e51d0eb08d8a 100644 --- a/security/integrity/ima/ima_queue_keys.c +++ b/security/integrity/ima/ima_queue_keys.c @@ -88,6 +88,8 @@ static struct ima_key_entry *ima_alloc_key_entry(struct key *keyring, out: if (rc) { + pr_err("%s failed. keyring: %s, result: %d\n", + __func__, keyring->description, rc); ima_free_key_entry(entry); entry = NULL; } -- 2.27.0