EVM: Only complain about a missing HMAC key once A system can validate EVM digital signatures without requiring an HMAC key, but every EVM validation will generate a kernel error. Change this so we only generate an error once. Signed-off-by: Matthew Garrett <mjg59@google.com> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>

commit: 0485d066d82c308e28e76b7fc6cdec46ae46eeb6 [log] [tgz]
author: Matthew Garrett <mjg59@google.com> Wed Oct 11 12:11:12 2017 -0700
committer: Mimi Zohar <zohar@linux.vnet.ibm.com> Wed Nov 08 15:16:36 2017 -0500
tree: 2f8df336d7bb3cdafa24ee19627c512413286dca
parent: f00d79750712511d0a83c108eea0d44b680a915f [diff] [blame]
diff --git a/security/integrity/evm/evm_crypto.c b/security/integrity/evm/evm_crypto.c
index 1d32cd2..bcd64ba 100644
--- a/security/integrity/evm/evm_crypto.c
+++ b/security/integrity/evm/evm_crypto.c

@@ -80,7 +80,7 @@ static struct shash_desc *init_desc(char type)
 
 	if (type == EVM_XATTR_HMAC) {
 		if (!(evm_initialized & EVM_INIT_HMAC)) {
-			pr_err("HMAC key is not set\n");
+			pr_err_once("HMAC key is not set\n");
 			return ERR_PTR(-ENOKEY);
 		}
 		tfm = &hmac_tfm;
commit	0485d066d82c308e28e76b7fc6cdec46ae46eeb6	[log] [tgz]
author	Matthew Garrett <mjg59@google.com>	Wed Oct 11 12:11:12 2017 -0700
committer	Mimi Zohar <zohar@linux.vnet.ibm.com>	Wed Nov 08 15:16:36 2017 -0500
tree	2f8df336d7bb3cdafa24ee19627c512413286dca
parent	f00d79750712511d0a83c108eea0d44b680a915f [diff] [blame]