1. Patchew
  2. linux
  3. [PATCH v3 0/4] module: logging and code improvements
  4. View patch

[PATCH v3 1/4] module: signing: Use pr_err for signature rejection

Jinchao Wang posted 4 patches 5 months, 1 week ago
[PATCH v3 1/4] module: signing: Use pr_err for signature rejection
Posted by Jinchao Wang 5 months, 1 week ago 
Make module signature rejection messages more visible by using pr_err
instead of pr_notice.

Signed-off-by: Jinchao Wang <wangjinchao600@gmail.com>
---
 kernel/module/signing.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/module/signing.c b/kernel/module/signing.c
index a2ff4242e623..557cb795fa31 100644
--- a/kernel/module/signing.c
+++ b/kernel/module/signing.c
@@ -117,7 +117,7 @@ int module_sig_check(struct load_info *info, int flags)
 	}
 
 	if (is_module_sig_enforced()) {
-		pr_notice("Loading of %s is rejected\n", reason);
+		pr_err("Loading of %s is rejected\n", reason);
 		return -EKEYREJECTED;
 	}
 
-- 
2.43.0
Re: [PATCH v3 1/4] module: signing: Use pr_err for signature rejection
Posted by Daniel Gomez 5 months, 1 week ago 
On 29/08/2025 10.49, Jinchao Wang wrote:
> Make module signature rejection messages more visible by using pr_err
> instead of pr_notice.

Can you elaborate a bit more? Why is this needed?

IMO, I don't think making it more visible is enough rational to increase the
level.
Re: [PATCH v3 1/4] module: signing: Use pr_err for signature rejection
Posted by Jinchao Wang 5 months, 1 week ago 
On 9/2/25 02:18, Daniel Gomez wrote:
> On 29/08/2025 10.49, Jinchao Wang wrote:
>> Make module signature rejection messages more visible by using pr_err
>> instead of pr_notice.
> 
> Can you elaborate a bit more? Why is this needed?
> 
> IMO, I don't think making it more visible is enough rational to increase the
> level.

Thank you for the feedback.

When using dmesg, pr_err is displayed in red, pr_warn in yellow, and
pr_notice/pr_info in the default color. This makes pr_err more visible
to users.

In the kernel tree, there are around 4161 pr_err calls across 20000
files, compared to 276 pr_notice calls across 827 files. From reviewing
them, pr_notice is typically used in default or informational branches,
while pr_err is mostly used in error paths.

Since this rejection path returns -EKEYREJECTED and prevents the
operation from proceeding, it aligns more closely with other uses of
pr_err than with pr_notice. For these reasons, I believe pr_err is the
appropriate choice here.

-- 
Best regards,
Jinchao
Re: [PATCH v3 1/4] module: signing: Use pr_err for signature rejection
Posted by Petr Pavlu 5 months, 1 week ago 
On 8/29/25 10:49 AM, Jinchao Wang wrote:
> Make module signature rejection messages more visible by using pr_err
> instead of pr_notice.
> 
> Signed-off-by: Jinchao Wang <wangjinchao600@gmail.com>

Reviewed-by: Petr Pavlu <petr.pavlu@suse.com>

-- 
Thanks,
Petr

Patchew 2.1-devel-b67e4c2

© 2016 - 2026 Red Hat, Inc.