| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <79d7b969-9b7d-7853-356b-876e444d3390@linux.vnet.ibm.com>
Date: Mon, 3 Feb 2020 10:15:03 -0500
From: Nayna <nayna@...ux.vnet.ibm.com>
To: Joe Perches <joe@...ches.com>,
Shuah Khan <skhan@...uxfoundation.org>, jmorris@...ei.org,
serge@...lyn.com, mpe@...erman.id.au, zohar@...ux.ibm.com,
erichte@...ux.ibm.com, nayna@...ux.ibm.com, yuehaibing@...wei.com
Cc: linux-security-module@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] security/integrity: Include __func__ in messages for
easier debug
On 1/29/20 10:08 PM, Joe Perches wrote:
> On Wed, 2020-01-29 at 19:01 -0700, Shuah Khan wrote:
>> Change messages to messages to make it easier to debug. The following
>> error message isn't informative enough to figure out what failed.
>> Change messages to include function information.
>>
>> Signed-off-by: Shuah Khan <skhan@...uxfoundation.org>
>> ---
>> .../integrity/platform_certs/load_powerpc.c | 14 ++++++++------
>> security/integrity/platform_certs/load_uefi.c | 17 ++++++++++-------
>> 2 files changed, 18 insertions(+), 13 deletions(-)
>>
>> diff --git a/security/integrity/platform_certs/load_powerpc.c b/security/integrity/platform_certs/load_powerpc.c
> perhaps instead add #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
> so all the pr_<level> logging is more specific.
>
> This would prefix all pr_<level> output with "integrity: "
>
> 3integrity: Couldn't get size: 0x%lx
> 3integrity: Error reading db var: 0x%lx
> 3integrity: MODSIGN: Couldn't get UEFI db list
> 3integrity: Couldn't parse db signatures: %d
> 6integrity: Couldn't get UEFI MokListRT
> 3integrity: Couldn't parse MokListRT signatures: %d
> 6integrity: Couldn't get UEFI dbx list
> 3integrity: Couldn't parse dbx signatures: %d
>
> 5integrity: Platform Keyring initialized
> 6integrity: Error adding keys to platform keyring %s
>
> ---
> security/integrity/platform_certs/load_powerpc.c | 3 +++
> security/integrity/platform_certs/load_uefi.c | 2 ++
> security/integrity/platform_certs/platform_keyring.c | 2 ++
> 3 files changed, 7 insertions(+)
>
> diff --git a/security/integrity/platform_certs/load_powerpc.c b/security/integrity/platform_certs/load_powerpc.c
> index a2900c..5cfbd0 100644
> --- a/security/integrity/platform_certs/load_powerpc.c
> +++ b/security/integrity/platform_certs/load_powerpc.c
> @@ -5,6 +5,9 @@
> *
> * - loads keys and hashes stored and controlled by the firmware.
> */
> +
> +#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
> +
Looks good. How about slight addition in it as below:
#define pr_fmt(fmt) KBUILD_MODNAME ": load_powerpc: " fmt
> #include <linux/kernel.h>
> #include <linux/sched.h>
> #include <linux/cred.h>
> diff --git a/security/integrity/platform_certs/load_uefi.c b/security/integrity/platform_certs/load_uefi.c
> index 111898a..480450a 100644
> --- a/security/integrity/platform_certs/load_uefi.c
> +++ b/security/integrity/platform_certs/load_uefi.c
> @@ -1,5 +1,7 @@
> // SPDX-License-Identifier: GPL-2.0
>
> +#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
Similarly...
#define pr_fmt(fmt) KBUILD_MODNAME ": load_uefi: " fmt
> +
> #include <linux/kernel.h>
> #include <linux/sched.h>
> #include <linux/cred.h>
> diff --git a/security/integrity/platform_certs/platform_keyring.c b/security/integrity/platform_certs/platform_keyring.c
> index 7646e35..9bd2846 100644
> --- a/security/integrity/platform_certs/platform_keyring.c
> +++ b/security/integrity/platform_certs/platform_keyring.c
> @@ -6,6 +6,8 @@
> * Author(s): Nayna Jain <nayna@...ux.ibm.com>
> */
>
> +#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
Same here...
#define pr_fmt(fmt) KBUILD_MODNAME ": platform_keyring: " fmt
Thanks & Regards,
- Nayna
Powered by blists - more mailing lists