lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <d7dea4f17b5d69997f5c8666e7594dbe845e883e.1393357067.git.joe@perches.com>
Date:	Tue, 25 Feb 2014 11:41:07 -0800
From:	Joe Perches <joe@...ches.com>
To:	linux-kernel@...r.kernel.org
Cc:	Serge Hallyn <serge.hallyn@...onical.com>,
	James Morris <james.l.morris@...cle.com>,
	linux-security-module@...r.kernel.org
Subject: [PATCH V2 1/8] security: Use a more current logging style

Convert printks to pr_<level>.
Convert printk with single time guard to pr_info_once.
Add pr_fmt to prefix output with "security: " or "capability: "
Coalesce formats.
Use a generic string for pr_debug to reduce object size.

Signed-off-by: Joe Perches <joe@...ches.com>
Acked-by: Serge Hallyn <serge.hallyn@...ntu.com>
Reported-by: Serge Hallyn <serge.hallyn@...ntu.com> (pr_info_once)
---
 security/capability.c | 16 +++++++++-------
 security/commoncap.c  | 19 ++++++++-----------
 security/security.c   |  4 +++-
 3 files changed, 20 insertions(+), 19 deletions(-)

diff --git a/security/capability.c b/security/capability.c
index 8b4f24a..086af9b 100644
--- a/security/capability.c
+++ b/security/capability.c
@@ -10,6 +10,8 @@
  *
  */
 
+#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
+
 #include <linux/security.h>
 
 static int cap_syslog(int type)
@@ -914,13 +916,13 @@ static void cap_audit_rule_free(void *lsmrule)
 #endif /* CONFIG_AUDIT */
 
 #define set_to_cap_if_null(ops, function)				\
-	do {								\
-		if (!ops->function) {					\
-			ops->function = cap_##function;			\
-			pr_debug("Had to override the " #function	\
-				 " security operation with the default.\n");\
-			}						\
-	} while (0)
+do {									\
+	if (!ops->function) {						\
+		ops->function = cap_##function;				\
+		pr_debug("Had to override the %s security operation with the default\n", \
+			 #function);					\
+	}								\
+} while (0)
 
 void __init security_fixup_ops(struct security_operations *ops)
 {
diff --git a/security/commoncap.c b/security/commoncap.c
index b9d613e..09da086 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -7,6 +7,8 @@
  *
  */
 
+#define pr_fmt(fmt) "capability: " fmt
+
 #include <linux/capability.h>
 #include <linux/audit.h>
 #include <linux/module.h>
@@ -44,13 +46,8 @@
  */
 static void warn_setuid_and_fcaps_mixed(const char *fname)
 {
-	static int warned;
-	if (!warned) {
-		printk(KERN_INFO "warning: `%s' has both setuid-root and"
-			" effective capabilities. Therefore not raising all"
-			" capabilities.\n", fname);
-		warned = 1;
-	}
+	pr_info_once("warning: `%s' has both setuid-root and effective capabilities, therefore not raising all capabilities\n",
+		     fname);
 }
 
 int cap_netlink_send(struct sock *sk, struct sk_buff *skb)
@@ -448,8 +445,8 @@ static int get_file_caps(struct linux_binprm *bprm, bool *effective, bool *has_c
 	rc = get_vfs_caps_from_disk(dentry, &vcaps);
 	if (rc < 0) {
 		if (rc == -EINVAL)
-			printk(KERN_NOTICE "%s: get_vfs_caps_from_disk returned %d for %s\n",
-				__func__, rc, bprm->filename);
+			pr_notice("%s: get_vfs_caps_from_disk returned %d for %s\n",
+				  __func__, rc, bprm->filename);
 		else if (rc == -ENODATA)
 			rc = 0;
 		goto out;
@@ -457,8 +454,8 @@ static int get_file_caps(struct linux_binprm *bprm, bool *effective, bool *has_c
 
 	rc = bprm_caps_from_vfs_caps(&vcaps, bprm, effective, has_cap);
 	if (rc == -EINVAL)
-		printk(KERN_NOTICE "%s: cap_from_disk returned %d for %s\n",
-		       __func__, rc, bprm->filename);
+		pr_notice("%s: cap_from_disk returned %d for %s\n",
+			  __func__, rc, bprm->filename);
 
 out:
 	dput(dentry);
diff --git a/security/security.c b/security/security.c
index 15b6928..53d1885 100644
--- a/security/security.c
+++ b/security/security.c
@@ -11,6 +11,8 @@
  *	(at your option) any later version.
  */
 
+#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
+
 #include <linux/capability.h>
 #include <linux/dcache.h>
 #include <linux/module.h>
@@ -64,7 +66,7 @@ static void __init do_security_initcalls(void)
  */
 int __init security_init(void)
 {
-	printk(KERN_INFO "Security Framework initialized\n");
+	pr_info("Security Framework initialized\n");
 
 	security_fixup_ops(&default_security_ops);
 	security_ops = &default_security_ops;
-- 
1.8.1.2.459.gbcd45b4.dirty

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ