Re: [systemd-devel] [PATCH 2/2] main: added support for loading IMA custom policies


 



On 02/20/2012 07:52 PM, Lennart Poettering wrote:
On Mon, 20.02.12 19:23, Roberto Sassu (roberto.sassu@xxxxxxxxx) wrote:

+               log_error("mmap() failed (%s), freezing", strerror(errno));
+               result = -errno;
+               goto out;
+       }
+
+       while(written<   policy_size) {
+               ssize_t len = write(imafd, policy + written,
+                                   policy_size - written);
+               if (len<= 0) {
+                         log_error("Failed to load the IMA custom policy "
+                                   "file %s (%s), ignoring.", IMA_POLICY_PATH,
+                                   strerror(errno));
+                         goto out_mmap;
+               }
+               written += len;
+       }
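
Review bot: in the mmap() failure branch, `result = -errno` is read only after log_error() has run, and the logging call may itself change errno, so the returned code can differ from the one that was logged; copy errno into a local before logging and use that for both. The message there also says "freezing" while the code only does `goto out`, so the wording should match what actually happens. In the write loop, `len <= 0` treats a zero-length write like a failure, but errno is not set in that case and strerror(errno) will print a stale value; the loop also does not retry on EINTR, and the `goto out_mmap` path does not set `result` in the lines shown, so the caller cannot tell a partially written policy from a successful load. Using loop_write() as suggested in the reply would cover the retry handling, and the failure path should set `result` explicitly.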

It might make sense to use loop_write() here instead, which does more or
less this loop, and is defined in util.c anyway.

I briefly looked at the code and I'm not sure about using it, because I want
to add some extra information in the output message (for example the
line number of the rule in the policy file that was rejected by IMA).

Line number? The policy is text? Your code above doesn't print any line
numbers?


Sorry, this is not done in the current patch. But I think it may be
useful for a user to know what rule is being rejected by IMA.
Yes, the policy is text.

Thanks

Roberto Sassu


Lennart

