When it ran out of space for adding more targets to the ima_buf, dm_ima_measure_on_table_load() would measure the dm device early, and then add the rest of the targets and measure it again. last_target_measured was intended to flag the last target measured so that the device wouldn't get remeasured, if no new targets were added after the early measurement. But the way to code works, the dm device will never be measured early unless there is another target to add to the ima_buf. Instead, if there is only one more target to add, that target was getting added to the ima_buf, but it wasn't getting remeasured, because last_target_measured was set. Since dm_ima_measure_on_table_load() only measures a device early when there are more targets to add, the final measurement must always happen, and last_target_measured is unneeded.
Signed-off-by: Benjamin Marzinski <[email protected]> --- drivers/md/dm-ima.c | 18 ++---------------- 1 file changed, 2 insertions(+), 16 deletions(-) diff --git a/drivers/md/dm-ima.c b/drivers/md/dm-ima.c index a639bb0fe6c3..209221fa8bc5 100644 --- a/drivers/md/dm-ima.c +++ b/drivers/md/dm-ima.c @@ -167,7 +167,6 @@ void dm_ima_measure_on_table_load(struct dm_table *table, unsigned int status_fl size_t device_data_buf_len, target_metadata_buf_len, target_data_buf_len, l = 0; char *target_metadata_buf = NULL, *target_data_buf = NULL, *digest_buf = NULL; char *ima_buf = NULL, *device_data_buf = NULL; - int last_target_measured = -1; status_type_t type = STATUSTYPE_IMA; size_t cur_total_buf_len = 0; unsigned int num_targets, i; @@ -205,8 +204,6 @@ void dm_ima_measure_on_table_load(struct dm_table *table, unsigned int status_fl for (i = 0; i < num_targets; i++) { struct dm_target *ti = dm_table_get_target(table, i); - last_target_measured = 0; - /* * First retrieve the target metadata. */ @@ -256,14 +253,6 @@ void dm_ima_measure_on_table_load(struct dm_table *table, unsigned int status_fl memcpy(ima_buf + l, device_data_buf, device_data_buf_len); l += device_data_buf_len; - - /* - * If this iteration of the for loop turns out to be the last target - * in the table, dm_ima_measure_data("dm_table_load", ...) doesn't need - * to be called again, just the hash needs to be finalized. - * "last_target_measured" tracks this state. - */ - last_target_measured = 1; } /* @@ -277,11 +266,8 @@ void dm_ima_measure_on_table_load(struct dm_table *table, unsigned int status_fl l += target_data_buf_len; } - if (!last_target_measured) { - dm_ima_measure_data(table_load_event_name, ima_buf, l, noio); - - sha256_update(&hash_ctx, (const u8 *)ima_buf, l); - } + dm_ima_measure_data(table_load_event_name, ima_buf, l, noio); + sha256_update(&hash_ctx, (const u8 *)ima_buf, l); /* * Finalize the table hash, and store it in table->md->ima.inactive_table.hash, -- 2.53.0
