On 2020-08-31 11:23 a.m., Mimi Zohar wrote:
As I responded in patch 2, I can ignore the result of process_buffer_measurement() in ima_measure_critical_data(), and makediff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index 52cbbc1f7ea2..a889bf40cb7e 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c @@ -869,6 +869,30 @@ void ima_kexec_cmdline(int kernel_fd, const void *buf, int size) fdput(f); }+/**+ * ima_measure_critical_data - measure critical data + * @event_name: name for the given data + * @event_data_source: name of the event data source + * @buf: pointer to buffer containing data to measure + * @buf_len: length of buffer(in bytes) + * @measure_buf_hash: if set to true - will measure hash of the buf, + * instead of buf + * + * Buffers can only be measured, not appraised. + */ +int ima_measure_critical_data(const char *event_name, + const char *event_data_source, + const void *buf, int buf_len, + bool measure_buf_hash) +{ + if (!event_name || !event_data_source || !buf || !buf_len) + return -EINVAL; + + return process_buffer_measurement(NULL, buf, buf_len, event_name, + CRITICAL_DATA, 0, event_data_source, + measure_buf_hash);This is exactly what I'm concerned about. Failure to measure data may be audited, but should never fail. Mimi
ima_measure_critical_data() return type as "void". But that’s the only place where the results of p_b_m() are being used. So I might as well just revert the return type of p_b_m() to the original "void".
+}
