On 04-12, Joe Perches wrote:
> On Mon, 2017-12-04 at 18:23 -0200, Bruno E. O. Meneguele wrote:
> > Simple but useful message log to the user in case of module appraise is
> > forced and fails due to the lack of file descriptor, that might be
> > caused by kmod calls to compressed modules.
> []
> > diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
> []
> > @@ -366,8 +366,12 @@ int ima_read_file(struct file *file, enum kernel_read_file_id read_id)
> >
> > if (!file && read_id == READING_MODULE) {
> > if (!sig_enforce && (ima_appraise & IMA_APPRAISE_MODULES) &&
> > - (ima_appraise & IMA_APPRAISE_ENFORCE))
> > + (ima_appraise & IMA_APPRAISE_ENFORCE)) {
> > + pr_err("impossible to appraise a module without a file \
> > + descriptor. sig_enforce kernel parameter might \
> > + help\n");
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
> You should probably use scripts/checkpatch.pl on your proposed
> patches
> before sending them.
>
> You've got a lot of tabs and spaces after every line continuation.
> Please coalesce the format on a single line and avoid this defect.
>
> pr_err("impossible to appraise a module without a file descriptor. sig_enforce kernel parameter might help\n");
>
Oh gosh, sorry for that. You're right. I'll post a v3, changing to the
way you pointed, soon.
Thanks!
Attachment:
signature.asc
Description: PGP signature
