diff options
author | Dmitry Kasatkin <d.kasatkin@samsung.com> | 2014-10-03 15:40:18 +0400 |
---|---|---|
committer | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2014-10-12 07:25:25 +0400 |
commit | 78bb5d0b4fe1988ae1a2a0cad0776134846414bd (patch) | |
tree | 4ed58c52eeebe8df3ab83199f794cea2292bd04a /security/integrity | |
parent | 456f5fd3f6017f10d04d459159ac7bd9e3815c5e (diff) | |
download | linux-78bb5d0b4fe1988ae1a2a0cad0776134846414bd.tar.xz |
ima: report policy load status
Audit messages are rate limited, often causing the policy update
info to not be visible. Report policy loading status also using
pr_info.
Changes in v2:
* reporting moved to ima_release_policy to notice parsing errors
* reporting both completed and failed status
Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Diffstat (limited to 'security/integrity')
-rw-r--r-- | security/integrity/ima/ima_fs.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/security/integrity/ima/ima_fs.c b/security/integrity/ima/ima_fs.c index da92fcc08d15..16d85273d408 100644 --- a/security/integrity/ima/ima_fs.c +++ b/security/integrity/ima/ima_fs.c @@ -311,6 +311,8 @@ static int ima_open_policy(struct inode *inode, struct file *filp) */ static int ima_release_policy(struct inode *inode, struct file *file) { + pr_info("IMA: policy update %s\n", + valid_policy ? "completed" : "failed"); if (!valid_policy) { ima_delete_rules(); valid_policy = 1; |