[dm-devel] [RFC PATCH 2/3] dm verity: add support for IMA target update event
Lakshmi Ramasubramanian
nramas at linux.microsoft.com
Fri May 6 20:35:07 UTC 2022
Hi Thore,
On 1/6/2022 12:34 PM, Thore Sommer wrote:
> On first corruption the verity targets triggers a dm_target_update event.
> This allows other systems to check using IMA if the state of the device is
> still trustworthy via remote attestation.
In the patch description please state the existing problem (or,
limitation in the existing implementation) and then describe how the
proposed change addresses the issue.
>
> Signed-off-by: Thore Sommer <public at thson.de>
> ---
> drivers/md/dm-verity-target.c | 6 ++++++
> 1 file changed, 6 insertions(+)
>
> diff --git a/drivers/md/dm-verity-target.c b/drivers/md/dm-verity-target.c
> index 80133aae0db3..09696e25bf1c 100644
> --- a/drivers/md/dm-verity-target.c
> +++ b/drivers/md/dm-verity-target.c
> @@ -16,6 +16,7 @@
> #include "dm-verity.h"
> #include "dm-verity-fec.h"
> #include "dm-verity-verify-sig.h"
> +#include "dm-ima.h"
> #include <linux/module.h>
> #include <linux/reboot.h>
> #include <linux/scatterlist.h>
> @@ -218,10 +219,15 @@ static int verity_handle_err(struct dm_verity *v, enum verity_block_type type,
> char *envp[] = { verity_env, NULL };
> const char *type_str = "";
> struct mapped_device *md = dm_table_get_md(v->ti->table);
> + int old_hash_failed = v->hash_failed;
>
> /* Corruption should be visible in device status in all modes */
> v->hash_failed = 1;
>
> + /* Only remeasure on first failure */
> + if (!old_hash_failed)
> + dm_ima_measure_on_target_update(v->ti);
It is not obvious to me why the call to measure on target update is not
done here immediately. Updating the comment to explain the logic would help.
thanks,
-lakshmi
> +
> if (v->corrupted_errs >= DM_VERITY_MAX_CORRUPTED_ERRS)
> goto out;
>
More information about the dm-devel
mailing list