From: Roberto Sassu <roberto.sassu@huawei.com>
To: Mimi Zohar <zohar@linux.ibm.com>,
"paul@paul-moore.com" <paul@paul-moore.com>
Cc: "stephen.smalley.work@gmail.com" <stephen.smalley.work@gmail.com>,
"prsriva02@gmail.com" <prsriva02@gmail.com>,
"tusharsu@linux.microsoft.com" <tusharsu@linux.microsoft.com>,
"nramas@linux.microsoft.com" <nramas@linux.microsoft.com>,
"linux-integrity@vger.kernel.org"
<linux-integrity@vger.kernel.org>,
"linux-security-module@vger.kernel.org"
<linux-security-module@vger.kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"selinux@vger.kernel.org" <selinux@vger.kernel.org>
Subject: RE: [PATCH v3 2/3] ima: Return int in the functions to measure a buffer
Date: Tue, 20 Jul 2021 12:38:43 +0000 [thread overview]
Message-ID: <bd953894da3041d5969da645db2f982e@huawei.com> (raw)
In-Reply-To: <2f4920dbdb16156e1af5cf78f592a5cf07ec3176.camel@linux.ibm.com>
> From: Mimi Zohar [mailto:zohar@linux.ibm.com]
> Sent: Monday, July 19, 2021 10:28 PM
> Hi Roberto,
>
> On Mon, 2021-07-05 at 11:09 +0200, Roberto Sassu wrote:
> > ima_measure_critical_data() and process_buffer_measurement() currently
> > don't return a result. A caller wouldn't be able to know whether those
> > functions were executed successfully.
>
> Missing is an explanation as to why these functions aren't currently
> returning a result. The LSM/IMA hooks only return a negative result
> for failure to appraise a file's integrity, not measure a file. Only
> failure to appraise a file's integrity results in preventing the file
> from being read/executed/mmaped. Other failures are only audited.
Hi Mimi
ok, will add it.
> > This patch modifies the return type from void to int, and returns 0 if the
> > buffer has been successfully measured, a negative value otherwise.
>
> Needed here is an explanation as to why ima_measure_critical_data() is
> special.
We don't want to unnecessarily calculate the digest twice.
> > Also, this patch does not modify the behavior of existing callers by
> > processing the returned value. For those, the return value is ignored.
>
> I agree that the existing behavior shouldn't change, but will this
> result in the bots complaining?
If I remember correctly, I didn't get any error even with W=1.
Thanks
Roberto
HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Li Peng, Li Jian, Shi Yanli
> thanks,
>
> Mimi
next prev parent reply other threads:[~2021-07-20 12:38 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-07-05 9:09 [PATCH v3 0/3] ima: Provide more info about buffer measurement Roberto Sassu
2021-07-05 9:09 ` [PATCH v3 1/3] ima: Introduce ima_get_current_hash_algo() Roberto Sassu
2021-07-05 9:09 ` [PATCH v3 2/3] ima: Return int in the functions to measure a buffer Roberto Sassu
2021-07-06 19:21 ` Lakshmi Ramasubramanian
2021-07-19 20:28 ` Mimi Zohar
2021-07-20 12:38 ` Roberto Sassu [this message]
2021-07-20 13:01 ` Mimi Zohar
2021-07-05 9:09 ` [PATCH v3 3/3] ima: Add digest and digest_len params to " Roberto Sassu
2021-07-06 19:24 ` Lakshmi Ramasubramanian
2021-07-13 2:40 ` Paul Moore
2021-07-19 20:59 ` Mimi Zohar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bd953894da3041d5969da645db2f982e@huawei.com \
--to=roberto.sassu@huawei.com \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=nramas@linux.microsoft.com \
--cc=paul@paul-moore.com \
--cc=prsriva02@gmail.com \
--cc=selinux@vger.kernel.org \
--cc=stephen.smalley.work@gmail.com \
--cc=tusharsu@linux.microsoft.com \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.