ima: silence measurement list hexdump during kexec (!342) · Merge requests · Red Hat / centos-stream / src / kernel / centos-stream-9

Bruno Meneguele requested to merge bmeneg/centos-stream-9:ima-fix-hexdump into main Jan 11, 2022

Bugzilla: http://bugzilla.redhat.com/2034157

commit 520451e90cbe9da018a045825626afb354b3465c
Author: Bruno Meneguele bmeneg@redhat.com
Date: Tue Dec 28 23:03:03 2021 -0300

ima: silence measurement list hexdump during kexec  

Directly calling print_hex_dump() dumps the IMA measurement list on soft  
resets (kexec) straight to the syslog (kmsg/dmesg) without considering the  
DEBUG flag or the dynamic debug state, causing the output to be always  
printed, including during boot time.  

Since this output is only valid for IMA debugging, but not necessary on  
normal kexec operation, print_hex_dump_debug() adheres to the pr_debug()  
behavior: the dump is only printed to syslog when DEBUG is defined or when  
explicitly requested by the user through dynamic debugging.  

Signed-off-by: Bruno Meneguele <bmeneg@redhat.com>  
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>

Signed-off-by: Bruno Meneguele bmeneg@redhat.com

Edited Jan 14, 2022 by Bruno Meneguele

Admin message

ima: silence measurement list hexdump during kexec

Merge request reports