• IMA: Add audit log for failure conditions · 34e980bb
    Lakshmi Ramasubramanian authored
    process_buffer_measurement() and ima_alloc_key_entry() functions need to
    log an audit message for auditing integrity measurement failures.
    
    Add audit message in these two functions. Remove "pr_devel" log message
    in process_buffer_measurement().
    
    Sample audit messages:
    
    [    6.303048] audit: type=1804 audit(1592506281.627:2): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel op=measuring_key cause=ENOMEM comm="swapper/0" name=".builtin_trusted_keys" res=0 errno=-12
    
    [    8.019432] audit: type=1804 audit(1592506283.344:10): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 op=measuring_kexec_cmdline cause=hashing_error comm="systemd" name="kexec-cmdline" res=0 errno=-22

    Signed-off-by: Lakshmi Ramasubramanian <nramas@linux.microsoft.com>
    Suggested-by: Mimi Zohar <zohar@linux.ibm.com>
    Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
ima_policy.c 44.6 KB
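
A triage sketch for the audit records described in the commit message above, added here as an example and not part of the commit or the kernel tree: it extracts failed (`res=0`) `type=1804` records from log lines and maps `errno` to its symbolic name. The function names and the last two sample lines are constructed for illustration.

```python
import errno
import re

IMA_RECORD_TYPE = "1804"  # record type shown in the commit's sample messages
# key=value pairs; a value is either double-quoted or a run of non-space characters
FIELD_RE = re.compile(r'(\w+)=("([^"]*)"|\S+)')

def parse_audit_fields(line):
    """Return the key=value fields of one audit line as a dict (quotes stripped)."""
    return {key: (quoted if raw.startswith('"') else raw)
            for key, raw, quoted in FIELD_RE.findall(line)}

def ima_measurement_failures(lines):
    """Return one dict per type=1804 record that reports a failure (res=0)."""
    failures = []
    for line in lines:
        f = parse_audit_fields(line)
        if f.get("type") != IMA_RECORD_TYPE or f.get("res") != "0":
            continue
        try:
            code = abs(int(f.get("errno", "0")))
        except ValueError:
            code = 0  # malformed errno field: keep the record, report errno as "0"
        failures.append({
            "op": f.get("op"), "cause": f.get("cause"), "name": f.get("name"),
            "comm": f.get("comm"), "errno": errno.errorcode.get(code, str(code)),
        })
    return failures

SAMPLE_LINES = [
    # The two sample messages quoted in the commit message.
    '[    6.303048] audit: type=1804 audit(1592506281.627:2): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel op=measuring_key cause=ENOMEM comm="swapper/0" name=".builtin_trusted_keys" res=0 errno=-12',
    '[    8.019432] audit: type=1804 audit(1592506283.344:10): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 op=measuring_kexec_cmdline cause=hashing_error comm="systemd" name="kexec-cmdline" res=0 errno=-22',
    # Constructed lines to exercise the filter: a res=1 record and an unrelated record type.
    '[    9.000000] audit: type=1804 audit(1592506284.000:11): pid=1 uid=0 op=measuring_key cause=example comm="swapper/0" name=".example_keyring" res=1 errno=0',
    '[    9.100000] audit: type=1130 audit(1592506284.100:12): pid=1 uid=0 res=0',
]

if __name__ == "__main__":
    for failure in ima_measurement_failures(SAMPLE_LINES):
        print(failure)
```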