[PATCH v3 2/3] ima: Return int in the functions to measure a buffer

Mimi Zohar zohar at linux.ibm.com
Tue Jul 20 13:01:50 UTC 2021


On Tue, 2021-07-20 at 12:38 +0000, Roberto Sassu wrote:
> > > This patch modifies the return type from void to int, and returns 0 if the
> > > buffer has been successfully measured, a negative value otherwise.
> > 
> > Needed here is an explanation as to why ima_measure_critical_data() is
> > special.
> 
> We don't want to unnecessarily calculate the digest twice.

That's what the "iint" cache is for.  .  This needs more a of an
explaintion as to why  ima_measure_critical_data() is special.

thanks,

Mimi



More information about the Linux-security-module-archive mailing list