Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp757597ybt;
        Wed, 24 Jun 2020 10:26:19 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJyjllM3DOivboQlf3+hihpbBn285mhskgTRDASgMu1T5SBkpaXHSaKBMD4pzdsoNR4iGAMp
X-Received: by 2002:a50:9a82:: with SMTP id p2mr18747496edb.130.1593019579070;
        Wed, 24 Jun 2020 10:26:19 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1593019579; cv=none;
        d=google.com; s=arc-20160816;
        b=oKK7lYTCP3MkwcBvT1GFT1h/dvHenJetZSyMGHYykdjUc5IlnSSs0O6bCVnj7mUXv2
         EPX353mLqbIGte7YbInP7qpF/9QRskOwGPI1qWOLnA7yFb4/98eGZZ4UyACpyGwc5sMs
         y/9eBaQ2WL6/1r13XZeZw0TdW/KHkiB68UYAjP1BULVpYdMMNXVUoqLGuI+iq9DYvzl6
         gXE0qSi/XTx8Rff4rwmiTqr5wtKPPebwyLYCk5I9bPeqWt/wOjv+uO43bhQgWSArXlhY
         xj+edi2kvb6BScVV7eYCTreKNyDpNwveVOjhPZWx8+yVT7j+G9oIr7sSXM3WLLvcCjiK
         1zlw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding
         :content-language:in-reply-to:mime-version:user-agent:date
         :message-id:from:references:cc:to:subject:dkim-signature:dkim-filter;
        bh=KXE68dak6HAQbc0ivKW2q2uYO1vn/u26qFcxRNMdIGw=;
        b=M+ZhHM1b41f9eo+jJpe+PO/7Fsl8tROpbemiObM9YtP1NsLGO30bNaJQAOIsbN9znk
         X4S+v7bm/TVFkeRy9OpTSaQUWNcSW65mYFHc6pboIc86LwxMych/mPmAuLUO875NwX/C
         BKM2eWCEkqWsM+6m9t+0thj2QB86Tz+Mxq590ljhP26rcO4mAAL/JWsjmhrNkgFH4Qg+
         OjIhLYE7GQhGqj+uPRLDAPZD4zyDPWtIpGN0htPbGWzr4orafWW4ou/+pnQ/u/pZy5Cy
         YFNNEoMJGe9JXB6rnVPTbQT6f1uXoyp4XjrUVUZr8e/PJJiKX73hGJ9/kLklcd9KOgJG
         ENcQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@linux.microsoft.com header.s=default header.b=jMY9CIcC;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.microsoft.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id c3si12777720edw.365.2020.06.24.10.25.54;
        Wed, 24 Jun 2020 10:26:19 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@linux.microsoft.com header.s=default header.b=jMY9CIcC;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.microsoft.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S2405456AbgFXRZW (ORCPT <rfc822;fezhang.suse@gmail.com>
        + 99 others); Wed, 24 Jun 2020 13:25:22 -0400
Received: from linux.microsoft.com ([13.77.154.182]:47978 "EHLO
        linux.microsoft.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S2405318AbgFXRZV (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 24 Jun 2020 13:25:21 -0400
Received: from [192.168.0.104] (c-73-42-176-67.hsd1.wa.comcast.net [73.42.176.67])
        by linux.microsoft.com (Postfix) with ESMTPSA id 362F920B7192;
        Wed, 24 Jun 2020 10:25:20 -0700 (PDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 362F920B7192
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.microsoft.com;
        s=default; t=1593019520;
        bh=KXE68dak6HAQbc0ivKW2q2uYO1vn/u26qFcxRNMdIGw=;
        h=Subject:To:Cc:References:From:Date:In-Reply-To:From;
        b=jMY9CIcCXcVXasy+rbNwldyuIKL+RZvgrUPekmS9n7SxjrxGZeZxD3HKVvZgu9aAM
         DZgaikoIHUiNZ3yNZa7ecTm7TiG8pjbCZ1XfsKNvV3zcP5ZT+n7JY99fH4Q4oLWh1l
         r0GLdGg3gw6QvVHjpctF4j4hwQgBVLftgZcxfhe8=
Subject: Re: [PATCH v3 2/2] IMA: Add audit log for failure conditions
To:     Mimi Zohar <zohar@linux.ibm.com>, sgrubb@redhat.com,
        paul@paul-moore.com
Cc:     rgb@redhat.com, linux-integrity@vger.kernel.org,
        linux-audit@redhat.com, linux-kernel@vger.kernel.org
References: <20200618211012.2823-1-nramas@linux.microsoft.com>
 <20200618211012.2823-2-nramas@linux.microsoft.com>
 <1592942295.5389.9.camel@linux.ibm.com>
From:   Lakshmi Ramasubramanian <nramas@linux.microsoft.com>
Message-ID: <39d66bdc-55be-984a-42a0-34d0a011e0fb@linux.microsoft.com>
Date:   Wed, 24 Jun 2020 10:25:16 -0700
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101
 Thunderbird/68.8.0
MIME-Version: 1.0
In-Reply-To: <1592942295.5389.9.camel@linux.ibm.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 6/23/20 12:58 PM, Mimi Zohar wrote:

Hi Steve\Paul,

>> Sample audit messages:
>>
>> [    6.303048] audit: type=1804 audit(1592506281.627:2): pid=1 uid=0
>> auid=4294967295 ses=4294967295 subj=kernel op=measuring_key
>> cause=ENOMEM comm="swapper/0" name=".builtin_trusted_keys" res=0
>> errno=-12
> 
> My only concern is that auditing -ENOMEM will put additional memory
> pressure on the system.  I'm not sure if this is a concern and, if so,
> how it should be handled.

Do you have any concerns with respect to adding audit messages in low 
memory conditions?

> 
> Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>

Thanks Mimi

  -lakshmi