[RFC PATCH v10 11/17] dm-verity: consume root hash digest and signature data via LSM hook
Alasdair G Kergon
agk at redhat.com
Tue Aug 8 23:40:23 UTC 2023
On Tue, Aug 08, 2023 at 03:45:03PM -0700, Fan Wu wrote:
> On Tue, Jul 25, 2023 at 04:43:48PM -0400, Paul Moore wrote:
> > Where would the finalize() hook be called?
>
> It is in the __bind function in drivers/md/dm.c, calling just before
> rcu_assign_pointer(md->map, (void *)t) which activates the inactive table.
That would be after the existing commit point, meaning the table swap
cannot be cancelled there, so is the finalize() you are proposing void()
i.e. designed so it always succeeds?
Alasdair
More information about the Linux-security-module-archive
mailing list