On 14/11/12, Paul Moore wrote:
> On Wednesday, November 12, 2014 02:01:34 PM Richard Guy Briggs wrote:
> > Convert WARN_ONCE() to printk_once() in selinux_nlmsg_perm().
> > 
> > After conversion from audit_log() in commit e173fb26, WARN_ONCE() was deemed
> > too alarmist, so switch it to printk_once().  If this gets buried in the
> > noise, it may be converted to a rate-limited call in the future.
> > 
> > Signed-off-by: Richard Guy Briggs <[email protected]>
> > ---
> >  security/selinux/hooks.c |    6 +++---
> >  1 files changed, 3 insertions(+), 3 deletions(-)
> > 
> > diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
> > index e663141..17d0066 100644
> > --- a/security/selinux/hooks.c
> > +++ b/security/selinux/hooks.c
> > @@ -4725,9 +4725,9 @@ static int selinux_nlmsg_perm(struct sock *sk, struct
> > sk_buff *skb) err = selinux_nlmsg_lookup(sksec->sclass, nlh->nlmsg_type,
> > &perm); if (err) {
> >             if (err == -EINVAL) {
> > -                   WARN_ONCE(1, "selinux_nlmsg_perm: unrecognized netlink 
> message:"
> > -                             " protocol=%hu nlmsg_type=%hu sclass=%hu\n",
> > -                             sk->sk_protocol, nlh->nlmsg_type, 
> > sksec->sclass);
> > +                   printk_once("selinux_nlmsg_perm: unrecognized netlink 
> > message:"
> > +                               " protocol=%hu nlmsg_type=%hu sclass=%hu\n",
> > +                               sk->sk_protocol, nlh->nlmsg_type, 
> > sksec->sclass);
> >                     if (!selinux_enforcing || security_get_allow_unknown())
> >                             err = 0;
> >             }
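Review bot: the printk_once() call added in the -EINVAL branch of selinux_nlmsg_perm() carries no log level, so the message goes out at the default log level instead of as an explicit warning. Because it fires only once, every unrecognized protocol/nlmsg_type/sclass combination after the first is silently dropped. Suggest pr_warn_ratelimited() here, or at minimum pr_warn_once(), so the level is explicit and, in the rate-limited form, later distinct message types still reach the log without flooding it. The commit message would need updating to match.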
> 
> My apologies, I should have noticed this sooner, but printk_once() is probably
> not a good choice here as only the first invalid netlink message will be
> displayed.  This is fine if all the invalid netlink messages happen the same,
> but that isn't likely to be the case.

This was the same situation with WARN_ONCE(), hence my comment about
difficulty in debugging...

> Richard, any objections if I convert the printk_once() to a printk(WARN) and 
> update the patch description accordingly?

Use pr_warn() instead...

> paul moore

- RGB

--
Richard Guy Briggs <[email protected]>
Senior Software Engineer, Kernel Security, AMER ENG Base Operating Systems, Red Hat
Remote, Ottawa, Canada
Voice: +1.647.777.2635, Internal: (81) 32635, Alt: +1.613.693.0684x3545