Merge tag 'integrity-v5.9' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar...

[sfrench/cifs-2.6.git] / security / integrity / ima / ima_queue_keys.c

diff --git a/security/integrity/ima/ima_queue_keys.c b/security/integrity/ima/ima_queue_keys.c
index cb3e3f5015936904d41e71b901f2c0c20f9380d5..69a8626a35c0ebefc332edfff10aa5a0094193c3 100644 (file)
--- a/security/integrity/ima/ima_queue_keys.c
+++ b/security/integrity/ima/ima_queue_keys.c
@@ -68,6 +68,7 @@ static struct ima_key_entry *ima_alloc_key_entry(struct key *keyring,
                                                 size_t payload_len)
 {
        int rc = 0;
+       const char *audit_cause = "ENOMEM";
        struct ima_key_entry *entry;
 
        entry = kzalloc(sizeof(*entry), GFP_KERNEL);
@@ -88,6 +89,10 @@ static struct ima_key_entry *ima_alloc_key_entry(struct key *keyring,
 
 out:
        if (rc) {
+               integrity_audit_message(AUDIT_INTEGRITY_PCR, NULL,
+                                       keyring->description,
+                                       func_measure_str(KEY_CHECK),
+                                       audit_cause, rc, 0, rc);
                ima_free_key_entry(entry);
                entry = NULL;
        }
@@ -153,7 +158,7 @@ void ima_process_queued_keys(void)
 
        list_for_each_entry_safe(entry, tmp, &ima_keys, list) {
                if (!timer_expired)
-                       process_buffer_measurement(entry->payload,
+                       process_buffer_measurement(NULL, entry->payload,
                                                   entry->payload_len,
                                                   entry->keyring_name,
                                                   KEY_CHECK, 0,