[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1581521161.3494.7.camel@HansenPartnership.com>
Date: Wed, 12 Feb 2020 10:26:01 -0500
From: James Bottomley <James.Bottomley@...senPartnership.com>
To: Mimi Zohar <zohar@...ux.ibm.com>,
Tushar Sugandhi <tusharsu@...ux.microsoft.com>,
joe@...ches.com, skhan@...uxfoundation.org,
linux-integrity@...r.kernel.org
Cc: sashal@...nel.org, nramas@...ux.microsoft.com,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH v3 3/3] IMA: Add module name and base name prefix to log.
On Wed, 2020-02-12 at 09:29 -0500, Mimi Zohar wrote:
> On Tue, 2020-02-11 at 15:14 -0800, Tushar Sugandhi wrote:
> > The #define for formatting log messages, pr_fmt, is duplicated in
> > the
> > files under security/integrity.
> >
> > This change moves the definition to security/integrity/integrity.h
> > and
> > removes the duplicate definitions in the other files under
> > security/integrity. Also, it adds KBUILD_MODNAME and
> > KBUILD_BASENAME prefix
> > to the log messages.
> >
> > Signed-off-by: Tushar Sugandhi <tusharsu@...ux.microsoft.com>
> > Reviewed-by: Lakshmi Ramasubramanian <nramas@...ux.microsoft.com>
> > Suggested-by: Joe Perches <joe@...ches.com>
> > Suggested-by: Shuah Khan <skhan@...uxfoundation.org>
>
> <snip>
>
> > diff --git a/security/integrity/integrity.h
> > b/security/integrity/integrity.h
> > index 73fc286834d7..b1bb4d2263be 100644
> > --- a/security/integrity/integrity.h
> > +++ b/security/integrity/integrity.h
> > @@ -6,6 +6,12 @@
> > * Mimi Zohar <zohar@...ibm.com>
> > */
> >
> > +#ifdef pr_fmt
> > +#undef pr_fmt
> > +#endif
> > +
> > +#define pr_fmt(fmt) KBUILD_MODNAME ": " KBUILD_BASENAME ": " fmt
> > +
> > #include <linux/types.h>
> > #include <linux/integrity.h>
> > #include <crypto/sha.h>
>
> Joe, Shuah, including the pr_fmt() in integrity/integrity.h not only
> affects the integrity directory but everything below it. Adding
> KBUILD_BASENAME to pr_fmt() modifies all of the existing IMA and EVM
> kernel messages. Is that ok or should there be a separate pr_fmt()
> for the subdirectories?
Log messages are often consumed by log monitors, which mostly use
pattern matching to find messages they're interested in, so you have to
take some care when changing the messages the kernel spits out and you
have to make sure any change gets well notified so the distributions
can warn about it.
For this one, can we see a "before" and "after" message so we know
what's happening?
James
Powered by blists - more mailing lists