diff options
| author | Dmitry Kasatkin <d.kasatkin@samsung.com> | 2014-10-03 07:40:18 -0400 |
|---|---|---|
| committer | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2014-10-11 23:25:25 -0400 |
| commit | 78bb5d0b4fe1988ae1a2a0cad0776134846414bd (patch) | |
| tree | 4ed58c52eeebe8df3ab83199f794cea2292bd04a /security/integrity | |
| parent | 456f5fd3f6017f10d04d459159ac7bd9e3815c5e (diff) | |
ima: report policy load status
Audit messages are rate limited, often causing the policy update
info to not be visible. Report policy loading status also using
pr_info.
Changes in v2:
* reporting moved to ima_release_policy to notice parsing errors
* reporting both completed and failed status
Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Diffstat (limited to 'security/integrity')
| -rw-r--r-- | security/integrity/ima/ima_fs.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/security/integrity/ima/ima_fs.c b/security/integrity/ima/ima_fs.c index da92fcc08d15..16d85273d408 100644 --- a/security/integrity/ima/ima_fs.c +++ b/security/integrity/ima/ima_fs.c | |||
| @@ -311,6 +311,8 @@ static int ima_open_policy(struct inode *inode, struct file *filp) | |||
| 311 | */ | 311 | */ |
| 312 | static int ima_release_policy(struct inode *inode, struct file *file) | 312 | static int ima_release_policy(struct inode *inode, struct file *file) |
| 313 | { | 313 | { |
| 314 | pr_info("IMA: policy update %s\n", | ||
| 315 | valid_policy ? "completed" : "failed"); | ||
| 314 | if (!valid_policy) { | 316 | if (!valid_policy) { |
| 315 | ima_delete_rules(); | 317 | ima_delete_rules(); |
| 316 | valid_policy = 1; | 318 | valid_policy = 1; |