Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp1715228ybt; Thu, 25 Jun 2020 12:19:17 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyZKQ+06EMK1uW4+l5RB3zMqQQj0C7ppuykW3jsRHrvPAcl1WZA2hv+SCWgUf6AlWMj5p06 X-Received: by 2002:a17:907:2163:: with SMTP id rl3mr3893177ejb.409.1593112756978; Thu, 25 Jun 2020 12:19:16 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1593112756; cv=none; d=google.com; s=arc-20160816; b=cUZ+VTPI7lzt/zjv/qHQpnQLrwe8ECjnr5NBFBqGxgWiLMlnNustqBzdAAhYX0415A pzmftYxk3sNVigrvAeykId6e/C+FbvRM00IMYkogJMmdx71bU0vmLPYyf+LlYHAZ6s04 DRgMYhNNgXXnqRRV4eWIKO3aCrEN3h2fxs6XSkTSwbviflGerEQu2R7nn064VSmVJFf/ S/1XKNLuy49yuvSZLvzJXYNBhTQPOgsOr/p2CGwstmP9/jH/YEdfkf4VPDkZmSmD52JR kNtHXgcInlITWCGdUWHQb0oAqFB6AE6aFzXXZYrg6dYFvo/zUYXFOCAzYG/Hu5aVGLY9 GYDQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=pD7cDE1pRowKa97y2ug2GlsIr3bcaoCdNkFbx1fxc3o=; b=H5aArPbeVwpaSz7zN3GbBpxz5wVpT/xPRlXm/8zaaTYno8qys9RdIp57NsvHIhYuEE +sGjjegBRtpZE4QbRqixLWa0KsRGfblWMTUwx6Y2J9I5W2tKGWS+JKNQqRS/Etc8e4t+ QO++VvsQ29kHLkolPTlX8vg1E2RTsU1tpIZmls12FigqBw9JffQbNy81ZXrqYUlLgHQd Dmp434zZMP1Akp0XPMU/HGzlz04+ZQ1lqpybtrWGjCaGiGrUS/DUnCYdN/a0UMVkOvib PTcAdl/fox5NNyN25BXHUpOl7pJFyLdVhhZJK5CBIlw2m25S7tykZnXWrjGxE2Zs+ZnC hpOQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@paul-moore-com.20150623.gappssmtp.com header.s=20150623 header.b=kAHhnY0e; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id t28si1320736edc.97.2020.06.25.12.18.53; Thu, 25 Jun 2020 12:19:16 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@paul-moore-com.20150623.gappssmtp.com header.s=20150623 header.b=kAHhnY0e; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2405916AbgFYTOr (ORCPT + 99 others); Thu, 25 Jun 2020 15:14:47 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34734 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2405815AbgFYTOr (ORCPT ); Thu, 25 Jun 2020 15:14:47 -0400 Received: from mail-ed1-x541.google.com (mail-ed1-x541.google.com [IPv6:2a00:1450:4864:20::541]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 99BFAC08C5DB for ; Thu, 25 Jun 2020 12:14:46 -0700 (PDT) Received: by mail-ed1-x541.google.com with SMTP id b15so5081338edy.7 for ; Thu, 25 Jun 2020 12:14:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=paul-moore-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=pD7cDE1pRowKa97y2ug2GlsIr3bcaoCdNkFbx1fxc3o=; b=kAHhnY0eUb56R4ip4fJPASLy3SH+hwX/PxeFsHJSjGIR00mREk7bx1tJXh56KfJOsY GMl/RMnHXXGehaZ5CBehhPdU+Wn55OnprvZUYlJ4I17H7n7qUfG8yVybz+3U33taaNWw EIBzhGyRuN7wBSJtrXKMiVsKc10CN8EKq4TlQmI/v5SNteIgDIuHKNOWaPeCgCy+bLwC Pc6/6B9Zc/NeeCWrJg35xtp2CNXX4eyrkDvBxqSS7sZjyz+fvQPggy3lGVWq1EJfR88r zz+vF7qI4HvyKTKAwGk2kKfonyPoVRaPU0W2jjF/IO8jLUWaG4owmJXIaAx51zLayYCF IUtQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=pD7cDE1pRowKa97y2ug2GlsIr3bcaoCdNkFbx1fxc3o=; b=bt+f2Gt28hFQc5YY2r+x5MYblWA/YmzMpfa4F/0sv4kYKYBnaYcYHtgyiGO9yjLHNg m1WrjA/Xpe2TIjncZuyWcAIoXSE5EvQXlyYVDJK6xjPzCooQXhlLHVbko7Uc6ak/BSrt 98/B2nu+UKGySfafBgvy/GMZPa81miTfefEVq1bvQ05cN+VRUQZdSMIGievHLXoNS134 gsCbnGgHoGd8cm2af30UrZDg4VlsXRim3/+t0+WGfpSDLbh6VIAc9NqXJq+DrACz50pB ZOp0AiPCxpZhn1aN9AU3CJmwm6schaBbrwM5uud21PW0k31BLMhtONy9IiXCNtnVoFzs POAA== X-Gm-Message-State: AOAM533a7phVrlsz16GyykZ2H9OuMdKEi9M+ekTisQSWl38t3yuj+TKr EzEPswRHifmmIZuVb/4ECSlocHXAq9D+e8/K394f X-Received: by 2002:aa7:cd52:: with SMTP id v18mr27675622edw.196.1593112485180; Thu, 25 Jun 2020 12:14:45 -0700 (PDT) MIME-Version: 1.0 References: <20200618211012.2823-1-nramas@linux.microsoft.com> <20200618211012.2823-2-nramas@linux.microsoft.com> <1592942295.5389.9.camel@linux.ibm.com> <39d66bdc-55be-984a-42a0-34d0a011e0fb@linux.microsoft.com> In-Reply-To: <39d66bdc-55be-984a-42a0-34d0a011e0fb@linux.microsoft.com> From: Paul Moore Date: Thu, 25 Jun 2020 15:14:34 -0400 Message-ID: Subject: Re: [PATCH v3 2/2] IMA: Add audit log for failure conditions To: Lakshmi Ramasubramanian Cc: Mimi Zohar , sgrubb@redhat.com, rgb@redhat.com, linux-integrity@vger.kernel.org, linux-audit@redhat.com, linux-kernel@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Jun 24, 2020 at 1:25 PM Lakshmi Ramasubramanian wrote: > > On 6/23/20 12:58 PM, Mimi Zohar wrote: > > Hi Steve\Paul, > > >> Sample audit messages: > >> > >> [ 6.303048] audit: type=1804 audit(1592506281.627:2): pid=1 uid=0 > >> auid=4294967295 ses=4294967295 subj=kernel op=measuring_key > >> cause=ENOMEM comm="swapper/0" name=".builtin_trusted_keys" res=0 > >> errno=-12 > > > > My only concern is that auditing -ENOMEM will put additional memory > > pressure on the system. I'm not sure if this is a concern and, if so, > > how it should be handled. > > Do you have any concerns with respect to adding audit messages in low > memory conditions? Assuming the system is not completely toast, the allocation failure could be a very transient issue; I wouldn't worry too much about it. -- paul moore www.paul-moore.com