From: Tushar Sugandhi <tusharsu@linux.microsoft.com>
To: dm-devel@redhat.com, agk@redhat.com, snitzer@redhat.com
Cc: sfr@canb.auug.org.au, zohar@linux.ibm.com,
	nramas@linux.microsoft.com, public@thson.de,
	tusharsu@linux.microsoft.com, linux-integrity@vger.kernel.org
Subject: [dm-devel] [PATCH 3/6] dm ima: prefix ima event name related to device mapper with dm_
Date: Fri, 13 Aug 2021 14:37:58 -0700	[thread overview]
Message-ID: <20210813213801.297051-4-tusharsu@linux.microsoft.com> (raw)
In-Reply-To: <20210813213801.297051-1-tusharsu@linux.microsoft.com>

The event names for the DM events recorded in the ima log do not contain
any information to indicate the events are part of the DM devices/targets.

Prefix the event names for DM events with "dm_" to indicate that they
are part of device-mapper.

Signed-off-by: Tushar Sugandhi <tusharsu@linux.microsoft.com>
Suggested-by: Thore Sommer <public@thson.de>
---
 drivers/md/dm-ima.c | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)

diff --git a/drivers/md/dm-ima.c b/drivers/md/dm-ima.c
index 458a3a1d78bc..81a574129a80 100644
--- a/drivers/md/dm-ima.c
+++ b/drivers/md/dm-ima.c
@@ -193,6 +193,7 @@ void dm_ima_measure_on_table_load(struct dm_table *table, unsigned int status_fl
 				 * the hash value with the hash algorithm name.
 				 * e.g. sha256:<hash_value>.
 				 */
+	char table_load_event_name[] = "dm_table_load";
 
 	ima_buf = dm_ima_alloc(DM_IMA_MEASUREMENT_BUF_LEN, GFP_KERNEL, noio);
 	if (!ima_buf)
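Review bot: `table_load_event_name` is declared as a writable automatic `char[]`, so the literal is copied onto the stack on every call and nothing prevents a later edit from altering the name that ends up in the IMA log. It is only read, being passed to dm_ima_measure_data() in the hunks at -272 and -312, so `static const char table_load_event_name[] = "dm_table_load";` would express that. This assumes dm_ima_measure_data() takes a `const char *` for the event name; its prototype is not visible in this patch. The body of dm_ima_measure_on_table_load() starts and ends outside the hunk.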
@@ -272,7 +273,7 @@ void dm_ima_measure_on_table_load(struct dm_table *table, unsigned int status_fl
 		 * targets by prefixing the device metadata again.
 		 */
 		if (unlikely(cur_total_buf_len >= DM_IMA_MEASUREMENT_BUF_LEN)) {
-			dm_ima_measure_data("table_load", ima_buf, l, noio);
+			dm_ima_measure_data(table_load_event_name, ima_buf, l, noio);
 			r = crypto_shash_update(shash, (const u8 *)ima_buf, l);
 			if (r < 0)
 				goto error;
@@ -281,8 +282,8 @@ void dm_ima_measure_on_table_load(struct dm_table *table, unsigned int status_fl
 			l = 0;
 
 			/*
-			 * Each new "table_load" entry in IMA log should have device data
-			 * prefix, so that multiple records from the same table_load for
+			 * Each new "dm_table_load" entry in IMA log should have device data
+			 * prefix, so that multiple records from the same "dm_table_load" for
 			 * a given device can be linked together.
 			 */
 			memcpy(ima_buf + l, DM_IMA_VERSION_STR, table->md->ima.dm_version_str_len);
@@ -293,7 +294,7 @@ void dm_ima_measure_on_table_load(struct dm_table *table, unsigned int status_fl
 
 			/*
 			 * If this iteration of the for loop turns out to be the last target
-			 * in the table, dm_ima_measure_data("table_load", ...) doesn't need
+			 * in the table, dm_ima_measure_data("dm_table_load", ...) doesn't need
 			 * to be called again, just the hash needs to be finalized.
 			 * "last_target_measured" tracks this state.
 			 */
@@ -312,7 +313,7 @@ void dm_ima_measure_on_table_load(struct dm_table *table, unsigned int status_fl
 	}
 
 	if (!last_target_measured) {
-		dm_ima_measure_data("table_load", ima_buf, l, noio);
+		dm_ima_measure_data(table_load_event_name, ima_buf, l, noio);
 
 		r = crypto_shash_update(shash, (const u8 *)ima_buf, l);
 		if (r < 0)
@@ -461,7 +462,7 @@ void dm_ima_measure_on_device_resume(struct mapped_device *md, bool swap)
 	memcpy(device_table_data + l, capacity_str, capacity_len);
 	l += capacity_len;
 
-	dm_ima_measure_data("device_resume", device_table_data, l, noio);
+	dm_ima_measure_data("dm_device_resume", device_table_data, l, noio);
 
 	kfree(dev_name);
 	kfree(dev_uuid);
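Review bot: The renamed event names are still bare string literals at each call site (`"dm_device_resume"` here, and `"dm_device_remove"`, `"dm_table_clear"` and `"dm_device_rename"` in the following hunks), while the table_load path now uses a local variable, so the file ends up with two conventions. These strings are what a consumer of the IMA log would presumably match on, so defining them once, e.g. `#define DM_IMA_EVENT_DEVICE_RESUME "dm_device_resume"` next to wherever DM_IMA_VERSION_STR is defined, would keep the full set in one auditable place and avoid a silent typo in one call site. The rename also changes what existing log parsers and attestation policies see. Whether the recorded version string changes with it cannot be told from these hunks, so a comment at the definitions noting that the names are part of the log format would help. The enclosing functions start and end outside the hunks.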
@@ -578,7 +579,7 @@ void dm_ima_measure_on_device_remove(struct mapped_device *md, bool remove_all)
 	memcpy(device_table_data + l, capacity_str, capacity_len);
 	l += capacity_len;
 
-	dm_ima_measure_data("device_remove", device_table_data, l, noio);
+	dm_ima_measure_data("dm_device_remove", device_table_data, l, noio);
 
 error:
 	kfree(device_table_data);
@@ -659,7 +660,7 @@ void dm_ima_measure_on_table_clear(struct mapped_device *md, bool new_map)
 	memcpy(device_table_data + l, capacity_str, capacity_len);
 	l += capacity_len;
 
-	dm_ima_measure_data("table_clear", device_table_data, l, noio);
+	dm_ima_measure_data("dm_table_clear", device_table_data, l, noio);
 
 	if (new_map) {
 		if (md->ima.inactive_table.hash &&
@@ -734,7 +735,7 @@ void dm_ima_measure_on_device_rename(struct mapped_device *md)
 		  "%s%snew_name=%s,new_uuid=%s;%s", DM_IMA_VERSION_STR, old_device_data,
 		  new_dev_name, new_dev_uuid, capacity_str);
 
-	dm_ima_measure_data("device_rename", combined_device_data, strlen(combined_device_data),
+	dm_ima_measure_data("dm_device_rename", combined_device_data, strlen(combined_device_data),
 			    noio);
 
 	goto exit;
-- 
2.32.0



