Re: [PATCH v2] ima: silence measurement list hexdump during kexec

[Bruno Meneguele]

Hi Mimi,

On Fri, Dec 24, 2021 at 08:28:01AM -0500, Mimi Zohar wrote:
> Hi Bruno,
> 
> On Fri, 2021-12-24 at 10:14 -0300, Bruno Meneguele wrote:
> > The measurement list is dumped during a soft reset (kexec) through the call
> > to print_hex_dump(KERN_DEBUG, ...), printing to the system log ignoring both
> > DEBUG build flag and CONFIG_DYNAMIC_DEBUG option.
> 
> Before upstreaming this patch, the reason for the config options "being
> ignored", if that is really what is happening, needs to be understood
> and documented here in the patch description.

I don't see why the code would intentionally ignore the option,
considering that CONFIG_DYNAMIC_DEBUG basically give the user the
ability to enable/disable pr_debug/printk(KERN_DEBUG) calls during
runtime. Maybe I shouldn't use the word "ignoring" in the description,
would it make things clearer?

> 
> thanks,
> 
> Mimi
> 
> > 
> > To honor the above conditions the macro print_hex_dump_debug() should be
> > used instead, thus depending on the enabled option/flag the output is given
> > by a different function call or even silenced.
> > 
> > Signed-off-by: Bruno Meneguele <bmeneg@xxxxxxxxxx>
> 

-- 
bmeneg 
PGP Key: http://bmeneg.com/pubkey.txt

Attachment: signature.asc
Description: PGP signature