From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753343AbdLEKFZ (ORCPT ); Tue, 5 Dec 2017 05:05:25 -0500 Received: from mx1.redhat.com ([209.132.183.28]:32966 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752773AbdLEKFV (ORCPT ); Tue, 5 Dec 2017 05:05:21 -0500 Date: Tue, 5 Dec 2017 08:05:19 -0200 From: "Bruno E. O. Meneguele" To: Joe Perches Cc: Mimi Zohar , Dmitry Kasatkin , linux-integrity@vger.kernel.org, linux-ima-devel@lists.sourceforge.net, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH v2] ima: log message to module appraisal error Message-ID: <20171205100519.GA16417@glitch> References: <20171204202347.16261-1-brdeoliv@redhat.com> <1512430537.6321.58.camel@perches.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="X1bOJ3K7DJ5YkBrT" Content-Disposition: inline In-Reply-To: <1512430537.6321.58.camel@perches.com> X-PGP-Key: http://keys.gnupg.net/pks/lookup?op=get&search=0x3823031E4660608D User-Agent: Mutt/1.9.1 (2017-09-22) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.26]); Tue, 05 Dec 2017 10:05:21 +0000 (UTC) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --X1bOJ3K7DJ5YkBrT Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 04-12, Joe Perches wrote: > On Mon, 2017-12-04 at 18:23 -0200, Bruno E. O. Meneguele wrote: > > Simple but useful message log to the user in case of module appraise is > > forced and fails due to the lack of file descriptor, that might be > > caused by kmod calls to compressed modules. > [] > > diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima= /ima_main.c > [] > > @@ -366,8 +366,12 @@ int ima_read_file(struct file *file, enum kernel_r= ead_file_id read_id) > > =20 > > if (!file && read_id =3D=3D READING_MODULE) { > > if (!sig_enforce && (ima_appraise & IMA_APPRAISE_MODULES) && > > - (ima_appraise & IMA_APPRAISE_ENFORCE)) > > + (ima_appraise & IMA_APPRAISE_ENFORCE)) { > > + pr_err("impossible to appraise a module without a file \ > > + descriptor. sig_enforce kernel parameter might \ > > + help\n"); > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ >=20 > You should probably use scripts/checkpatch.pl on your proposed > patches > before sending them. >=20 > You've got a lot of tabs and spaces after every line continuation. > Please coalesce the format on a single line and avoid this defect. >=20 > pr_err("impossible to appraise a module without a file descriptor. sig= _enforce kernel parameter might help\n"); >=20 Oh gosh, sorry for that. You're right. I'll post a v3, changing to the way you pointed, soon. Thanks! --X1bOJ3K7DJ5YkBrT Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEdWo6nTbnZdbDmXutYdRkFR+RokMFAlomb1wACgkQYdRkFR+R okPEuAgAjRLsG+WGMVX2dQQ84Wm4iA2Q8t2lTNcu8xto5nCZz6n96Fvnt4nm6V1M ALQ7/zcfJjPAesKslQRzAN35gYgCRwJrgdv8kQWD1nqIE7WVLGynRjDHhy0mrNTq NhOi/dkAcG+voNkC4QfpzU7TkBpcsk2KMrHZYRPdEblYJOAvL98rOfEqbYkCFP3I aXONauDx49cMr2mV/80sK4KehIpv/DgwBgTyVFbJ/qrb7QItp1+K56LD2qOD8BDV 0q4llkgORhlmR336JOB6dPYaewbGbnpAQcrlV8RDZSRfmejXNeyIUwGyOrSw314W EEiD01Sf8+iay8/Bpd850yr+RvmhCQ== =NfSx -----END PGP SIGNATURE----- --X1bOJ3K7DJ5YkBrT--