Linux-Integrity Archive on lore.kernel.org
 help / color / Atom feed
* [PATCH v3 1/2] integrity: Add errno field in audit message
@ 2020-06-18 21:10 Lakshmi Ramasubramanian
  2020-06-18 21:10 ` [PATCH v3 2/2] IMA: Add audit log for failure conditions Lakshmi Ramasubramanian
                   ` (2 more replies)
  0 siblings, 3 replies; 8+ messages in thread
From: Lakshmi Ramasubramanian @ 2020-06-18 21:10 UTC (permalink / raw)
  To: zohar, sgrubb, paul; +Cc: rgb, linux-integrity, linux-audit, linux-kernel

Error code is not included in the audit messages logged by
the integrity subsystem.

Define a new function integrity_audit_message() that takes error code
in the "errno" parameter. Add "errno" field in the audit messages logged
by the integrity subsystem and set the value passed in the "errno"
parameter.

[    6.303048] audit: type=1804 audit(1592506281.627:2): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel op=measuring_key cause=ENOMEM comm="swapper/0" name=".builtin_trusted_keys" res=0 errno=-12

[    7.987647] audit: type=1802 audit(1592506283.312:9): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 op=policy_update cause=completed comm="systemd" res=1 errno=0

[    8.019432] audit: type=1804 audit(1592506283.344:10): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 op=measuring_kexec_cmdline cause=hashing_error comm="systemd" name="kexec-cmdline" res=0 errno=-22

Signed-off-by: Lakshmi Ramasubramanian <nramas@linux.microsoft.com>
Suggested-by: Steve Grubb <sgrubb@redhat.com>
Suggested-by: Mimi Zohar <zohar@linux.ibm.com>
---
 security/integrity/integrity.h       | 13 +++++++++++++
 security/integrity/integrity_audit.c | 11 ++++++++++-
 2 files changed, 23 insertions(+), 1 deletion(-)

diff --git a/security/integrity/integrity.h b/security/integrity/integrity.h
index 16c1894c29bb..413c803c5208 100644
--- a/security/integrity/integrity.h
+++ b/security/integrity/integrity.h
@@ -239,6 +239,11 @@ void integrity_audit_msg(int audit_msgno, struct inode *inode,
 			 const unsigned char *fname, const char *op,
 			 const char *cause, int result, int info);
 
+void integrity_audit_message(int audit_msgno, struct inode *inode,
+			     const unsigned char *fname, const char *op,
+			     const char *cause, int result, int info,
+			     int errno);
+
 static inline struct audit_buffer *
 integrity_audit_log_start(struct audit_context *ctx, gfp_t gfp_mask, int type)
 {
@@ -253,6 +258,14 @@ static inline void integrity_audit_msg(int audit_msgno, struct inode *inode,
 {
 }
 
+static inline void integrity_audit_message(int audit_msgno,
+					   struct inode *inode,
+					   const unsigned char *fname,
+					   const char *op, const char *cause,
+					   int result, int info, int errno)
+{
+}
+
 static inline struct audit_buffer *
 integrity_audit_log_start(struct audit_context *ctx, gfp_t gfp_mask, int type)
 {
diff --git a/security/integrity/integrity_audit.c b/security/integrity/integrity_audit.c
index 5109173839cc..f25e7df099c8 100644
--- a/security/integrity/integrity_audit.c
+++ b/security/integrity/integrity_audit.c
@@ -28,6 +28,15 @@ __setup("integrity_audit=", integrity_audit_setup);
 void integrity_audit_msg(int audit_msgno, struct inode *inode,
 			 const unsigned char *fname, const char *op,
 			 const char *cause, int result, int audit_info)
+{
+	integrity_audit_message(audit_msgno, inode, fname, op, cause,
+				result, audit_info, 0);
+}
+
+void integrity_audit_message(int audit_msgno, struct inode *inode,
+			     const unsigned char *fname, const char *op,
+			     const char *cause, int result, int audit_info,
+			     int errno)
 {
 	struct audit_buffer *ab;
 	char name[TASK_COMM_LEN];
@@ -53,6 +62,6 @@ void integrity_audit_msg(int audit_msgno, struct inode *inode,
 		audit_log_untrustedstring(ab, inode->i_sb->s_id);
 		audit_log_format(ab, " ino=%lu", inode->i_ino);
 	}
-	audit_log_format(ab, " res=%d", !result);
+	audit_log_format(ab, " res=%d errno=%d", !result, errno);
 	audit_log_end(ab);
 }
-- 
2.27.0


^ permalink raw reply	[flat|nested] 8+ messages in thread

* [PATCH v3 2/2] IMA: Add audit log for failure conditions
  2020-06-18 21:10 [PATCH v3 1/2] integrity: Add errno field in audit message Lakshmi Ramasubramanian
@ 2020-06-18 21:10 ` Lakshmi Ramasubramanian
  2020-06-23 19:58   ` Mimi Zohar
  2020-06-22 22:27 ` [PATCH v3 1/2] integrity: Add errno field in audit message Mimi Zohar
  2020-06-24  0:07 ` Paul Moore
  2 siblings, 1 reply; 8+ messages in thread
From: Lakshmi Ramasubramanian @ 2020-06-18 21:10 UTC (permalink / raw)
  To: zohar, sgrubb, paul; +Cc: rgb, linux-integrity, linux-audit, linux-kernel

process_buffer_measurement() and ima_alloc_key_entry() functions need to
log an audit message for auditing integrity measurement failures.

Add audit message in these two functions. Remove "pr_devel" log message
in process_buffer_measurement().

Sample audit messages:

[    6.303048] audit: type=1804 audit(1592506281.627:2): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel op=measuring_key cause=ENOMEM comm="swapper/0" name=".builtin_trusted_keys" res=0 errno=-12

[    8.019432] audit: type=1804 audit(1592506283.344:10): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 op=measuring_kexec_cmdline cause=hashing_error comm="systemd" name="kexec-cmdline" res=0 errno=-22

Signed-off-by: Lakshmi Ramasubramanian <nramas@linux.microsoft.com>
Suggested-by: Mimi Zohar <zohar@linux.ibm.com>
---
 security/integrity/ima/ima.h            | 48 ++++++++++++++++---------
 security/integrity/ima/ima_main.c       | 18 +++++++---
 security/integrity/ima/ima_policy.c     |  2 +-
 security/integrity/ima/ima_queue_keys.c |  5 +++
 4 files changed, 51 insertions(+), 22 deletions(-)

diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h
index df93ac258e01..c3a32e181b48 100644
--- a/security/integrity/ima/ima.h
+++ b/security/integrity/ima/ima.h
@@ -186,27 +186,43 @@ static inline unsigned int ima_hash_key(u8 *digest)
 	return (digest[0] | digest[1] << 8) % IMA_MEASURE_HTABLE_SIZE;
 }
 
-#define __ima_hooks(hook)		\
-	hook(NONE)			\
-	hook(FILE_CHECK)		\
-	hook(MMAP_CHECK)		\
-	hook(BPRM_CHECK)		\
-	hook(CREDS_CHECK)		\
-	hook(POST_SETATTR)		\
-	hook(MODULE_CHECK)		\
-	hook(FIRMWARE_CHECK)		\
-	hook(KEXEC_KERNEL_CHECK)	\
-	hook(KEXEC_INITRAMFS_CHECK)	\
-	hook(POLICY_CHECK)		\
-	hook(KEXEC_CMDLINE)		\
-	hook(KEY_CHECK)			\
-	hook(MAX_CHECK)
-#define __ima_hook_enumify(ENUM)	ENUM,
+#define __ima_hooks(hook)				\
+	hook(NONE, none)				\
+	hook(FILE_CHECK, file)				\
+	hook(MMAP_CHECK, mmap)				\
+	hook(BPRM_CHECK, bprm)				\
+	hook(CREDS_CHECK, creds)			\
+	hook(POST_SETATTR, post_setattr)		\
+	hook(MODULE_CHECK, module)			\
+	hook(FIRMWARE_CHECK, firmware)			\
+	hook(KEXEC_KERNEL_CHECK, kexec_kernel)		\
+	hook(KEXEC_INITRAMFS_CHECK, kexec_initramfs)	\
+	hook(POLICY_CHECK, policy)			\
+	hook(KEXEC_CMDLINE, kexec_cmdline)		\
+	hook(KEY_CHECK, key)				\
+	hook(MAX_CHECK, none)
+
+#define __ima_hook_enumify(ENUM, str)	ENUM,
+#define __ima_stringify(arg) (#arg)
+#define __ima_hook_measuring_stringify(ENUM, str) \
+		(__ima_stringify(measuring_ ##str)),
 
 enum ima_hooks {
 	__ima_hooks(__ima_hook_enumify)
 };
 
+static const char * const ima_hooks_measure_str[] = {
+	__ima_hooks(__ima_hook_measuring_stringify)
+};
+
+static inline const char *func_measure_str(enum ima_hooks func)
+{
+	if (func >= MAX_CHECK)
+		return ima_hooks_measure_str[NONE];
+
+	return ima_hooks_measure_str[func];
+}
+
 extern const char *const func_tokens[];
 
 struct modsig;
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
index c1583d98c5e5..8351b2fd48e0 100644
--- a/security/integrity/ima/ima_main.c
+++ b/security/integrity/ima/ima_main.c
@@ -740,6 +740,7 @@ void process_buffer_measurement(const void *buf, int size,
 				int pcr, const char *keyring)
 {
 	int ret = 0;
+	const char *audit_cause = "ENOMEM";
 	struct ima_template_entry *entry = NULL;
 	struct integrity_iint_cache iint = {};
 	struct ima_event_data event_data = {.iint = &iint,
@@ -794,21 +795,28 @@ void process_buffer_measurement(const void *buf, int size,
 	iint.ima_hash->length = hash_digest_size[ima_hash_algo];
 
 	ret = ima_calc_buffer_hash(buf, size, iint.ima_hash);
-	if (ret < 0)
+	if (ret < 0) {
+		audit_cause = "hashing_error";
 		goto out;
+	}
 
 	ret = ima_alloc_init_template(&event_data, &entry, template);
-	if (ret < 0)
+	if (ret < 0) {
+		audit_cause = "alloc_entry";
 		goto out;
+	}
 
 	ret = ima_store_template(entry, violation, NULL, buf, pcr);
-
-	if (ret < 0)
+	if (ret < 0) {
+		audit_cause = "store_entry";
 		ima_free_template_entry(entry);
+	}
 
 out:
 	if (ret < 0)
-		pr_devel("%s: failed, result: %d\n", __func__, ret);
+		integrity_audit_message(AUDIT_INTEGRITY_PCR, NULL, eventname,
+					func_measure_str(func),
+					audit_cause, ret, 0, ret);
 
 	return;
 }
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
index e493063a3c34..66aa3e17a888 100644
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -1414,7 +1414,7 @@ void ima_delete_rules(void)
 	}
 }
 
-#define __ima_hook_stringify(str)	(#str),
+#define __ima_hook_stringify(func, str)	(#func),
 
 const char *const func_tokens[] = {
 	__ima_hooks(__ima_hook_stringify)
diff --git a/security/integrity/ima/ima_queue_keys.c b/security/integrity/ima/ima_queue_keys.c
index cb3e3f501593..56ce24a18b66 100644
--- a/security/integrity/ima/ima_queue_keys.c
+++ b/security/integrity/ima/ima_queue_keys.c
@@ -68,6 +68,7 @@ static struct ima_key_entry *ima_alloc_key_entry(struct key *keyring,
 						 size_t payload_len)
 {
 	int rc = 0;
+	const char *audit_cause = "ENOMEM";
 	struct ima_key_entry *entry;
 
 	entry = kzalloc(sizeof(*entry), GFP_KERNEL);
@@ -88,6 +89,10 @@ static struct ima_key_entry *ima_alloc_key_entry(struct key *keyring,
 
 out:
 	if (rc) {
+		integrity_audit_message(AUDIT_INTEGRITY_PCR, NULL,
+					keyring->description,
+					func_measure_str(KEY_CHECK),
+					audit_cause, rc, 0, rc);
 		ima_free_key_entry(entry);
 		entry = NULL;
 	}
-- 
2.27.0


^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [PATCH v3 1/2] integrity: Add errno field in audit message
  2020-06-18 21:10 [PATCH v3 1/2] integrity: Add errno field in audit message Lakshmi Ramasubramanian
  2020-06-18 21:10 ` [PATCH v3 2/2] IMA: Add audit log for failure conditions Lakshmi Ramasubramanian
@ 2020-06-22 22:27 ` Mimi Zohar
  2020-06-24  0:07 ` Paul Moore
  2 siblings, 0 replies; 8+ messages in thread
From: Mimi Zohar @ 2020-06-22 22:27 UTC (permalink / raw)
  To: Lakshmi Ramasubramanian, sgrubb, paul
  Cc: rgb, linux-integrity, linux-audit, linux-kernel

On Thu, 2020-06-18 at 14:10 -0700, Lakshmi Ramasubramanian wrote:
> Error code is not included in the audit messages logged by
> the integrity subsystem.
> 
> Define a new function integrity_audit_message() that takes error code
> in the "errno" parameter. Add "errno" field in the audit messages logged
> by the integrity subsystem and set the value passed in the "errno"
> parameter.
> 
> [    6.303048] audit: type=1804 audit(1592506281.627:2): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel op=measuring_key cause=ENOMEM comm="swapper/0" name=".builtin_trusted_keys" res=0 errno=-12
> 
> [    7.987647] audit: type=1802 audit(1592506283.312:9): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 op=policy_update cause=completed comm="systemd" res=1 errno=0
> 
> [    8.019432] audit: type=1804 audit(1592506283.344:10): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 op=measuring_kexec_cmdline cause=hashing_error comm="systemd" name="kexec-cmdline" res=0 errno=-22
> 
> Signed-off-by: Lakshmi Ramasubramanian <nramas@linux.microsoft.com>
> Suggested-by: Steve Grubb <sgrubb@redhat.com>
> Suggested-by: Mimi Zohar <zohar@linux.ibm.com>

Thanks, Lakshmi.  Steve, Paul, because of the code changes, your tags
were dropped.

Mimi 

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [PATCH v3 2/2] IMA: Add audit log for failure conditions
  2020-06-18 21:10 ` [PATCH v3 2/2] IMA: Add audit log for failure conditions Lakshmi Ramasubramanian
@ 2020-06-23 19:58   ` Mimi Zohar
  2020-06-24 17:25     ` Lakshmi Ramasubramanian
  0 siblings, 1 reply; 8+ messages in thread
From: Mimi Zohar @ 2020-06-23 19:58 UTC (permalink / raw)
  To: Lakshmi Ramasubramanian, sgrubb, paul
  Cc: rgb, linux-integrity, linux-audit, linux-kernel

On Thu, 2020-06-18 at 14:10 -0700, Lakshmi Ramasubramanian wrote:
> process_buffer_measurement() and ima_alloc_key_entry() functions need to
> log an audit message for auditing integrity measurement failures.
> 
> Add audit message in these two functions. Remove "pr_devel" log message
> in process_buffer_measurement().
> 
> Sample audit messages:
> 
> [    6.303048] audit: type=1804 audit(1592506281.627:2): pid=1 uid=0
> auid=4294967295 ses=4294967295 subj=kernel op=measuring_key
> cause=ENOMEM comm="swapper/0" name=".builtin_trusted_keys" res=0
> errno=-12

My only concern is that auditing -ENOMEM will put additional memory
pressure on the system.  I'm not sure if this is a concern and, if so,
how it should be handled.

> 
> [    8.019432] audit: type=1804 audit(1592506283.344:10): pid=1
> uid=0 auid=4294967295 ses=4294967295
> subj=system_u:system_r:init_t:s0 op=measuring_kexec_cmdline
> cause=hashing_error comm="systemd" name="kexec-cmdline" res=0
> errno=-22
> 
> Signed-off-by: Lakshmi Ramasubramanian <nramas@linux.microsoft.com>

Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [PATCH v3 1/2] integrity: Add errno field in audit message
  2020-06-18 21:10 [PATCH v3 1/2] integrity: Add errno field in audit message Lakshmi Ramasubramanian
  2020-06-18 21:10 ` [PATCH v3 2/2] IMA: Add audit log for failure conditions Lakshmi Ramasubramanian
  2020-06-22 22:27 ` [PATCH v3 1/2] integrity: Add errno field in audit message Mimi Zohar
@ 2020-06-24  0:07 ` Paul Moore
  2 siblings, 0 replies; 8+ messages in thread
From: Paul Moore @ 2020-06-24  0:07 UTC (permalink / raw)
  To: Lakshmi Ramasubramanian
  Cc: zohar, sgrubb, rgb, linux-integrity, linux-audit, linux-kernel

On Thu, Jun 18, 2020 at 5:10 PM Lakshmi Ramasubramanian
<nramas@linux.microsoft.com> wrote:
>
> Error code is not included in the audit messages logged by
> the integrity subsystem.
>
> Define a new function integrity_audit_message() that takes error code
> in the "errno" parameter. Add "errno" field in the audit messages logged
> by the integrity subsystem and set the value passed in the "errno"
> parameter.
>
> [    6.303048] audit: type=1804 audit(1592506281.627:2): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel op=measuring_key cause=ENOMEM comm="swapper/0" name=".builtin_trusted_keys" res=0 errno=-12
>
> [    7.987647] audit: type=1802 audit(1592506283.312:9): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 op=policy_update cause=completed comm="systemd" res=1 errno=0
>
> [    8.019432] audit: type=1804 audit(1592506283.344:10): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 op=measuring_kexec_cmdline cause=hashing_error comm="systemd" name="kexec-cmdline" res=0 errno=-22
>
> Signed-off-by: Lakshmi Ramasubramanian <nramas@linux.microsoft.com>
> Suggested-by: Steve Grubb <sgrubb@redhat.com>
> Suggested-by: Mimi Zohar <zohar@linux.ibm.com>
> ---
>  security/integrity/integrity.h       | 13 +++++++++++++
>  security/integrity/integrity_audit.c | 11 ++++++++++-
>  2 files changed, 23 insertions(+), 1 deletion(-)

The audit record changes look good to me.

Acked-by: Paul Moore <paul@paul-moore.com>

> diff --git a/security/integrity/integrity.h b/security/integrity/integrity.h
> index 16c1894c29bb..413c803c5208 100644
> --- a/security/integrity/integrity.h
> +++ b/security/integrity/integrity.h
> @@ -239,6 +239,11 @@ void integrity_audit_msg(int audit_msgno, struct inode *inode,
>                          const unsigned char *fname, const char *op,
>                          const char *cause, int result, int info);
>
> +void integrity_audit_message(int audit_msgno, struct inode *inode,
> +                            const unsigned char *fname, const char *op,
> +                            const char *cause, int result, int info,
> +                            int errno);
> +
>  static inline struct audit_buffer *
>  integrity_audit_log_start(struct audit_context *ctx, gfp_t gfp_mask, int type)
>  {
> @@ -253,6 +258,14 @@ static inline void integrity_audit_msg(int audit_msgno, struct inode *inode,
>  {
>  }
>
> +static inline void integrity_audit_message(int audit_msgno,
> +                                          struct inode *inode,
> +                                          const unsigned char *fname,
> +                                          const char *op, const char *cause,
> +                                          int result, int info, int errno)
> +{
> +}
> +
>  static inline struct audit_buffer *
>  integrity_audit_log_start(struct audit_context *ctx, gfp_t gfp_mask, int type)
>  {
> diff --git a/security/integrity/integrity_audit.c b/security/integrity/integrity_audit.c
> index 5109173839cc..f25e7df099c8 100644
> --- a/security/integrity/integrity_audit.c
> +++ b/security/integrity/integrity_audit.c
> @@ -28,6 +28,15 @@ __setup("integrity_audit=", integrity_audit_setup);
>  void integrity_audit_msg(int audit_msgno, struct inode *inode,
>                          const unsigned char *fname, const char *op,
>                          const char *cause, int result, int audit_info)
> +{
> +       integrity_audit_message(audit_msgno, inode, fname, op, cause,
> +                               result, audit_info, 0);
> +}
> +
> +void integrity_audit_message(int audit_msgno, struct inode *inode,
> +                            const unsigned char *fname, const char *op,
> +                            const char *cause, int result, int audit_info,
> +                            int errno)
>  {
>         struct audit_buffer *ab;
>         char name[TASK_COMM_LEN];
> @@ -53,6 +62,6 @@ void integrity_audit_msg(int audit_msgno, struct inode *inode,
>                 audit_log_untrustedstring(ab, inode->i_sb->s_id);
>                 audit_log_format(ab, " ino=%lu", inode->i_ino);
>         }
> -       audit_log_format(ab, " res=%d", !result);
> +       audit_log_format(ab, " res=%d errno=%d", !result, errno);
>         audit_log_end(ab);
>  }
> --
> 2.27.0
>


-- 
paul moore
www.paul-moore.com

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [PATCH v3 2/2] IMA: Add audit log for failure conditions
  2020-06-23 19:58   ` Mimi Zohar
@ 2020-06-24 17:25     ` Lakshmi Ramasubramanian
  2020-06-25 19:14       ` Paul Moore
  0 siblings, 1 reply; 8+ messages in thread
From: Lakshmi Ramasubramanian @ 2020-06-24 17:25 UTC (permalink / raw)
  To: Mimi Zohar, sgrubb, paul; +Cc: rgb, linux-integrity, linux-audit, linux-kernel

On 6/23/20 12:58 PM, Mimi Zohar wrote:

Hi Steve\Paul,

>> Sample audit messages:
>>
>> [    6.303048] audit: type=1804 audit(1592506281.627:2): pid=1 uid=0
>> auid=4294967295 ses=4294967295 subj=kernel op=measuring_key
>> cause=ENOMEM comm="swapper/0" name=".builtin_trusted_keys" res=0
>> errno=-12
> 
> My only concern is that auditing -ENOMEM will put additional memory
> pressure on the system.  I'm not sure if this is a concern and, if so,
> how it should be handled.

Do you have any concerns with respect to adding audit messages in low 
memory conditions?

> 
> Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>

Thanks Mimi

  -lakshmi

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [PATCH v3 2/2] IMA: Add audit log for failure conditions
  2020-06-24 17:25     ` Lakshmi Ramasubramanian
@ 2020-06-25 19:14       ` Paul Moore
  2020-06-29 16:57         ` Mimi Zohar
  0 siblings, 1 reply; 8+ messages in thread
From: Paul Moore @ 2020-06-25 19:14 UTC (permalink / raw)
  To: Lakshmi Ramasubramanian
  Cc: Mimi Zohar, sgrubb, rgb, linux-integrity, linux-audit, linux-kernel

On Wed, Jun 24, 2020 at 1:25 PM Lakshmi Ramasubramanian
<nramas@linux.microsoft.com> wrote:
>
> On 6/23/20 12:58 PM, Mimi Zohar wrote:
>
> Hi Steve\Paul,
>
> >> Sample audit messages:
> >>
> >> [    6.303048] audit: type=1804 audit(1592506281.627:2): pid=1 uid=0
> >> auid=4294967295 ses=4294967295 subj=kernel op=measuring_key
> >> cause=ENOMEM comm="swapper/0" name=".builtin_trusted_keys" res=0
> >> errno=-12
> >
> > My only concern is that auditing -ENOMEM will put additional memory
> > pressure on the system.  I'm not sure if this is a concern and, if so,
> > how it should be handled.
>
> Do you have any concerns with respect to adding audit messages in low
> memory conditions?

Assuming the system is not completely toast, the allocation failure
could be a very transient issue; I wouldn't worry too much about it.

-- 
paul moore
www.paul-moore.com

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [PATCH v3 2/2] IMA: Add audit log for failure conditions
  2020-06-25 19:14       ` Paul Moore
@ 2020-06-29 16:57         ` Mimi Zohar
  0 siblings, 0 replies; 8+ messages in thread
From: Mimi Zohar @ 2020-06-29 16:57 UTC (permalink / raw)
  To: Paul Moore, Lakshmi Ramasubramanian
  Cc: sgrubb, rgb, linux-integrity, linux-audit, linux-kernel

On Thu, 2020-06-25 at 15:14 -0400, Paul Moore wrote:
> On Wed, Jun 24, 2020 at 1:25 PM Lakshmi Ramasubramanian
> <nramas@linux.microsoft.com> wrote:
> >
> > On 6/23/20 12:58 PM, Mimi Zohar wrote:
> >
> > Hi Steve\Paul,
> >
> > >> Sample audit messages:
> > >>
> > >> [    6.303048] audit: type=1804 audit(1592506281.627:2): pid=1 uid=0
> > >> auid=4294967295 ses=4294967295 subj=kernel op=measuring_key
> > >> cause=ENOMEM comm="swapper/0" name=".builtin_trusted_keys" res=0
> > >> errno=-12
> > >
> > > My only concern is that auditing -ENOMEM will put additional memory
> > > pressure on the system.  I'm not sure if this is a concern and, if so,
> > > how it should be handled.
> >
> > Do you have any concerns with respect to adding audit messages in low
> > memory conditions?
> 
> Assuming the system is not completely toast, the allocation failure
> could be a very transient issue; I wouldn't worry too much about it.

There was a major clean up of removing ENOMEM error messages through
out the kernel a while ago by Wolfram Sang.  The subject lines
included "don't print error when allocating XXX fails".  As it turns
out, they were being removed because "kmalloc will print enough
information in case of failure."  It had nothing to do with memory
pressure on the system.

Thanks, Paul.  I think we're good.

Mimi


^ permalink raw reply	[flat|nested] 8+ messages in thread

end of thread, back to index

Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-06-18 21:10 [PATCH v3 1/2] integrity: Add errno field in audit message Lakshmi Ramasubramanian
2020-06-18 21:10 ` [PATCH v3 2/2] IMA: Add audit log for failure conditions Lakshmi Ramasubramanian
2020-06-23 19:58   ` Mimi Zohar
2020-06-24 17:25     ` Lakshmi Ramasubramanian
2020-06-25 19:14       ` Paul Moore
2020-06-29 16:57         ` Mimi Zohar
2020-06-22 22:27 ` [PATCH v3 1/2] integrity: Add errno field in audit message Mimi Zohar
2020-06-24  0:07 ` Paul Moore

Linux-Integrity Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-integrity/0 linux-integrity/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-integrity linux-integrity/ https://lore.kernel.org/linux-integrity \
		linux-integrity@vger.kernel.org
	public-inbox-index linux-integrity

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-integrity


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git