[RFC PATCH v10 11/17] dm-verity: consume root hash digest and signature data via LSM hook

Fan Wu wufan at linux.microsoft.com
Wed Aug 9 18:02:42 UTC 2023


On Wed, Aug 09, 2023 at 12:40:23AM +0100, Alasdair G Kergon wrote:
> On Tue, Aug 08, 2023 at 03:45:03PM -0700, Fan Wu wrote:
> > On Tue, Jul 25, 2023 at 04:43:48PM -0400, Paul Moore wrote:
> > > Where would the finalize() hook be called?
> > 
> > It is in the __bind function in drivers/md/dm.c, calling just before 
> > rcu_assign_pointer(md->map, (void *)t) which activates the inactive table.
>  
> That would be after the existing commit point, meaning the table swap
> cannot be cancelled there, so is the finalize() you are proposing void()
> i.e. designed so it always succeeds?
> 
> Alasdair

Thanks for the input.

Actually, no, the hook can be failed. I noticed the existing call before rcu_assign_pointer(md->map, (void *)t);
(https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/drivers/md/dm.c#n2255)
can also be failed so I was following the same pattern.

Could you explain a bit more about the "commit point"? It sounds like it might be better to move
the hook call just before the commit point instead.

-Fan



More information about the Linux-security-module-archive mailing list