In all the dm_ima_measure_on_* functions besides dm_ima_measure_on_table_load(), even if measuring the event fails, it's still possible to update dm->ima, so that it continues to correctly track the device state. This means that one measurement failure won't cause future measurements to record the wrong data.
Signed-off-by: Benjamin Marzinski <[email protected]> --- drivers/md/dm-ima.c | 38 +++++++++++++++++++------------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/drivers/md/dm-ima.c b/drivers/md/dm-ima.c index 4631dc2a6d4d..45038bd65f7b 100644 --- a/drivers/md/dm-ima.c +++ b/drivers/md/dm-ima.c @@ -351,17 +351,6 @@ void dm_ima_measure_on_device_resume(struct mapped_device *md, bool swap, context->update_idx)); smp_mb(); - device_table_data = dm_ima_alloc(DM_IMA_DEVICE_BUF_LEN, noio); - if (!device_table_data) - goto error; - - capacity_len = dm_ima_alloc_and_copy_capacity_str(md, &capacity_str, noio); - if (capacity_len < 0) - goto error; - - memcpy(device_table_data + l, DM_IMA_VERSION_STR, strlen(DM_IMA_VERSION_STR)); - l += strlen(DM_IMA_VERSION_STR); - if (swap) { kfree(md->ima.active_table.hash); kfree(md->ima.active_table.device_metadata); @@ -382,6 +371,17 @@ void dm_ima_measure_on_device_resume(struct mapped_device *md, bool swap, } } + device_table_data = dm_ima_alloc(DM_IMA_DEVICE_BUF_LEN, noio); + if (!device_table_data) + goto error; + + capacity_len = dm_ima_alloc_and_copy_capacity_str(md, &capacity_str, noio); + if (capacity_len < 0) + goto error; + + memcpy(device_table_data + l, DM_IMA_VERSION_STR, strlen(DM_IMA_VERSION_STR)); + l += strlen(DM_IMA_VERSION_STR); + if (md->ima.active_table.device_metadata) { memcpy(device_table_data + l, md->ima.active_table.device_metadata, md->ima.active_table.device_metadata_len); @@ -624,11 +624,11 @@ void dm_ima_measure_on_table_clear(struct mapped_device *md, dm_ima_measure_data("dm_table_clear", device_table_data, l, noio); +error: kfree(md->ima.inactive_table.hash); kfree(md->ima.inactive_table.device_metadata); memset(&md->ima.inactive_table, 0, sizeof(md->ima.inactive_table)); -error: kfree(capacity_str); kfree(device_table_data); @@ -657,6 +657,8 @@ void dm_ima_measure_on_device_rename(struct mapped_device *md, context->update_idx)); smp_mb(); + fix_context_strings(context); + combined_device_data = dm_ima_alloc(DM_IMA_DEVICE_BUF_LEN * 2, noio); if (!combined_device_data) goto exit; @@ -670,11 +672,15 @@ void dm_ima_measure_on_device_rename(struct mapped_device *md, old_device_data = md->ima.inactive_table.device_metadata; else old_device_data = "table_rename=no_data;"; - fix_context_strings(context); len = scnprintf(combined_device_data, DM_IMA_DEVICE_BUF_LEN * 2, "%s%snew_name=%s,new_uuid=%s;%s", DM_IMA_VERSION_STR, old_device_data, context->dev_name, context->dev_uuid, capacity_str); + dm_ima_measure_data("dm_device_rename", combined_device_data, len, noio); +exit: + kfree(capacity_str); + kfree(combined_device_data); + if (md->ima.active_table.device_metadata) { table = &md->ima.active_table; dm_ima_copy_device_data(md, table->device_metadata, context, @@ -689,12 +695,6 @@ void dm_ima_measure_on_device_rename(struct mapped_device *md, table->device_metadata_len = strlen(table->device_metadata); } - dm_ima_measure_data("dm_device_rename", combined_device_data, len, noio); - -exit: - kfree(capacity_str); - kfree(combined_device_data); - smp_mb__before_atomic(); atomic_inc(&md->ima.measure_idx); wake_up_all(&md->ima.ima_wq); -- 2.53.0
