[PATCH v3 2/3] ima: Return int in the functions to measure a buffer
Mimi Zohar
zohar at linux.ibm.com
Tue Jul 20 13:01:50 UTC 2021
On Tue, 2021-07-20 at 12:38 +0000, Roberto Sassu wrote:
> > > This patch modifies the return type from void to int, and returns 0 if the
> > > buffer has been successfully measured, a negative value otherwise.
> >
> > Needed here is an explanation as to why ima_measure_critical_data() is
> > special.
>
> We don't want to unnecessarily calculate the digest twice.
That's what the "iint" cache is for. . This needs more a of an
explaintion as to why ima_measure_critical_data() is special.
thanks,
Mimi
More information about the Linux-security-module-archive
mailing list