diff options
author | Dmitry Kasatkin <d.kasatkin@samsung.com> | 2014-10-03 13:40:18 +0200 |
---|---|---|
committer | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2014-10-12 05:25:25 +0200 |
commit | 78bb5d0b4fe1988ae1a2a0cad0776134846414bd (patch) | |
tree | 4ed58c52eeebe8df3ab83199f794cea2292bd04a /security | |
parent | ima: use path names cache (diff) | |
download | linux-78bb5d0b4fe1988ae1a2a0cad0776134846414bd.tar.xz linux-78bb5d0b4fe1988ae1a2a0cad0776134846414bd.zip |
ima: report policy load status
Audit messages are rate limited, often causing the policy update
info to not be visible. Report policy loading status also using
pr_info.
Changes in v2:
* reporting moved to ima_release_policy to notice parsing errors
* reporting both completed and failed status
Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Diffstat (limited to 'security')
-rw-r--r-- | security/integrity/ima/ima_fs.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/security/integrity/ima/ima_fs.c b/security/integrity/ima/ima_fs.c index da92fcc08d15..16d85273d408 100644 --- a/security/integrity/ima/ima_fs.c +++ b/security/integrity/ima/ima_fs.c @@ -311,6 +311,8 @@ static int ima_open_policy(struct inode *inode, struct file *filp) */ static int ima_release_policy(struct inode *inode, struct file *file) { + pr_info("IMA: policy update %s\n", + valid_policy ? "completed" : "failed"); if (!valid_policy) { ima_delete_rules(); valid_policy = 1; |