[PATCH 1/3] ima: keep the integrity state of open files up to date
Eric Biggers
ebiggers at kernel.org
Mon Sep 9 21:39:39 UTC 2019
On Mon, Sep 02, 2019 at 12:45:38PM +0300, Janne Karhunen wrote:
> When a file is open for writing, kernel crash or power outage
> is guaranteed to corrupt the inode integrity state leading to
> file appraisal failure on the subsequent boot. Add some basic
> infrastructure to keep the integrity measurements up to date
> as the files are written to.
>
> Core file operations (open, close, sync, msync, truncate) are
> now allowed to update the measurement immediately. In order
> to maintain sufficient write performance for writes, add a
> latency tunable delayed work workqueue for computing the
> measurements.
>
This still doesn't make it crash-safe. So why is it okay?
- Eric