2021-07-26 16:41:29

by Roberto Sassu

[permalink] [raw]
Subject: [RFC][PATCH v2 02/12] diglim: Basic definitions

Introduce the basic definitions, exported to user space, to use digest
lists. The definitions, added to include/uapi/linux/diglim.h, are
documented in Documentation/security/diglim/implementation.rst.

Signed-off-by: Roberto Sassu <[email protected]>
---
.../security/diglim/implementation.rst | 97 +++++++++++++++++++
Documentation/security/diglim/index.rst | 1 +
MAINTAINERS | 2 +
include/uapi/linux/diglim.h | 51 ++++++++++
4 files changed, 151 insertions(+)
create mode 100644 Documentation/security/diglim/implementation.rst
create mode 100644 include/uapi/linux/diglim.h

diff --git a/Documentation/security/diglim/implementation.rst b/Documentation/security/diglim/implementation.rst
new file mode 100644
index 000000000000..59a180b3bb3f
--- /dev/null
+++ b/Documentation/security/diglim/implementation.rst
@@ -0,0 +1,97 @@
+.. SPDX-License-Identifier: GPL-2.0
+
+Implementation
+==============
+
+This section describes the implementation of DIGLIM.
+
+
+Basic Definitions
+-----------------
+
+This section introduces the basic definitions required to use DIGLIM.
+
+
+Compact Digest List Format
+~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+.. kernel-doc:: include/uapi/linux/diglim.h
+ :identifiers: compact_list_hdr
+
+Compact Types
+.............
+
+Digests can be of different types:
+
+- ``COMPACT_PARSER``: digests of executables which are given the ability to
+ parse digest lists not in the compact format and to upload to the kernel
+ the digest list converted to the compact format;
+- ``COMPACT_FILE``: digests of regular files;
+- ``COMPACT_METADATA``: digests of file metadata (e.g. the digest
+ calculated by EVM to verify a portable signature);
+- ``COMPACT_DIGEST_LIST``: digests of digest lists (only used internally by
+ the kernel).
+
+Different users of DIGLIM might query digests with different compact types.
+For example, IMA would be interested in COMPACT_FILE, as it deals with
+regular files, while EVM would be interested in COMPACT_METADATA, as it
+verifies file metadata.
+
+
+Compact Modifiers
+.................
+
+Digests can also have specific attributes called modifiers (bit position):
+
+- ``COMPACT_MOD_IMMUTABLE``: file content or metadata should not be
+ modifiable.
+
+IMA might use this information to deny open for writing, or EVM to deny
+setxattr operations.
+
+
+Actions
+.......
+
+This section defines a set of possible actions that have been executed on
+the digest lists (bit position):
+
+- ``COMPACT_ACTION_IMA_MEASURED``: the digest list has been measured by
+ IMA;
+- ``COMPACT_ACTION_IMA_APPRAISED``: the digest list has been successfully
+ appraised by IMA;
+- ``COMPACT_ACTION_IMA_APPRAISED_DIGSIG``: the digest list has been
+ successfully appraised by IMA by verifying a digital signature.
+
+This information might help users of DIGLIM to decide whether to use the
+result of a queried digest.
+
+For example, if a digest belongs to a digest list that was not measured
+before, IMA should ignore the result of the query, as the measurement list
+sent to remote verifiers would lack which digests have been uploaded to the
+kernel.
+
+
+Compact Digest List Example
+...........................
+
+::
+
+ version: 1, type: 2, modifiers: 0 algo: 4, count: 3, datalen: 96
+ <SHA256 digest1><SHA256 digest2><SHA256 digest3>
+ version: 1, type: 3, modifiers: 1 algo: 6, count: 2, datalen: 128
+ <SHA512 digest1><SHA512 digest2>
+
+This digest list consists of two blocks. The first block contains three
+SHA256 digests of regular files. The second block contains two SHA512
+digests of immutable metadata.
+
+
+Compact Digest List Operations
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Finally, this section defines the possible operations that can be performed
+with digest lists:
+
+- ``DIGEST_LIST_ADD``: the digest list is being added;
+- ``DIGEST_LIST_DEL``: the digest list is being deleted.
diff --git a/Documentation/security/diglim/index.rst b/Documentation/security/diglim/index.rst
index 0fc5ab019bc0..4771134c2f0d 100644
--- a/Documentation/security/diglim/index.rst
+++ b/Documentation/security/diglim/index.rst
@@ -9,3 +9,4 @@ Digest Lists Integrity Module (DIGLIM)

introduction
architecture
+ implementation
diff --git a/MAINTAINERS b/MAINTAINERS
index c914dadd7e65..f61f5239468a 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -5458,8 +5458,10 @@ L: [email protected]
S: Supported
T: git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git
F: Documentation/security/diglim/architecture.rst
+F: Documentation/security/diglim/implementation.rst
F: Documentation/security/diglim/index.rst
F: Documentation/security/diglim/introduction.rst
+F: include/uapi/linux/diglim.h

DIOLAN U2C-12 I2C DRIVER
M: Guenter Roeck <[email protected]>
diff --git a/include/uapi/linux/diglim.h b/include/uapi/linux/diglim.h
new file mode 100644
index 000000000000..8a33d1f0fefb
--- /dev/null
+++ b/include/uapi/linux/diglim.h
@@ -0,0 +1,51 @@
+/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
+/*
+ * Copyright (C) 2017-2021 Huawei Technologies Duesseldorf GmbH
+ *
+ * Author: Roberto Sassu <[email protected]>
+ *
+ * DIGLIM definitions exported to user space, useful for generating digest
+ * lists.
+ */
+
+#ifndef _UAPI__LINUX_DIGLIM_H
+#define _UAPI__LINUX_DIGLIM_H
+
+#include <linux/types.h>
+#include <linux/hash_info.h>
+
+enum compact_types { COMPACT_KEY, COMPACT_PARSER, COMPACT_FILE,
+ COMPACT_METADATA, COMPACT_DIGEST_LIST, COMPACT__LAST };
+
+enum compact_modifiers { COMPACT_MOD_IMMUTABLE, COMPACT_MOD__LAST };
+
+enum compact_actions { COMPACT_ACTION_IMA_MEASURED,
+ COMPACT_ACTION_IMA_APPRAISED,
+ COMPACT_ACTION_IMA_APPRAISED_DIGSIG,
+ COMPACT_ACTION__LAST };
+
+enum ops { DIGEST_LIST_ADD, DIGEST_LIST_DEL, DIGEST_LIST_OP__LAST };
+
+/**
+ * struct compact_list_hdr - header of the following concatenated digests
+ * @version: version of the digest list
+ * @_reserved: field reserved for future use
+ * @type: type of digest list among enum compact_types
+ * @modifiers: additional attributes among (1 << enum compact_modifiers)
+ * @algo: digest algorithm
+ * @count: number of digests
+ * @datalen: length of concatenated digests
+ *
+ * A digest list is a set of blocks composed by struct compact_list_hdr and
+ * the following concatenated digests.
+ */
+struct compact_list_hdr {
+ __u8 version;
+ __u8 _reserved;
+ __le16 type;
+ __le16 modifiers;
+ __le16 algo;
+ __le32 count;
+ __le32 datalen;
+} __packed;
+#endif /*_UAPI__LINUX_DIGLIM_H*/
--
2.25.1


2021-07-27 14:46:17

by Greg Kroah-Hartman

[permalink] [raw]
Subject: Re: [RFC][PATCH v2 02/12] diglim: Basic definitions

On Mon, Jul 26, 2021 at 06:36:50PM +0200, Roberto Sassu wrote:
> --- /dev/null
> +++ b/include/uapi/linux/diglim.h
> @@ -0,0 +1,51 @@
> +/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
> +/*
> + * Copyright (C) 2017-2021 Huawei Technologies Duesseldorf GmbH
> + *
> + * Author: Roberto Sassu <[email protected]>
> + *
> + * DIGLIM definitions exported to user space, useful for generating digest
> + * lists.
> + */
> +
> +#ifndef _UAPI__LINUX_DIGLIM_H
> +#define _UAPI__LINUX_DIGLIM_H
> +
> +#include <linux/types.h>
> +#include <linux/hash_info.h>
> +
> +enum compact_types { COMPACT_KEY, COMPACT_PARSER, COMPACT_FILE,
> + COMPACT_METADATA, COMPACT_DIGEST_LIST, COMPACT__LAST };
> +
> +enum compact_modifiers { COMPACT_MOD_IMMUTABLE, COMPACT_MOD__LAST };
> +
> +enum compact_actions { COMPACT_ACTION_IMA_MEASURED,
> + COMPACT_ACTION_IMA_APPRAISED,
> + COMPACT_ACTION_IMA_APPRAISED_DIGSIG,
> + COMPACT_ACTION__LAST };
> +
> +enum ops { DIGEST_LIST_ADD, DIGEST_LIST_DEL, DIGEST_LIST_OP__LAST };
> +
> +/**
> + * struct compact_list_hdr - header of the following concatenated digests
> + * @version: version of the digest list
> + * @_reserved: field reserved for future use
> + * @type: type of digest list among enum compact_types
> + * @modifiers: additional attributes among (1 << enum compact_modifiers)

I do not understand this description, what does it mean?

> + * @algo: digest algorithm

Is this also a #define or an enum? Where is the list of them?

> + * @count: number of digests
> + * @datalen: length of concatenated digests

Where does this count and length come into play as nothing else is in
this structure?

> + *
> + * A digest list is a set of blocks composed by struct compact_list_hdr and
> + * the following concatenated digests.
> + */
> +struct compact_list_hdr {
> + __u8 version;
> + __u8 _reserved;

You MUST check this for 0 today, and document it above. If not, you can
never use it in the future.

> + __le16 type;
> + __le16 modifiers;
> + __le16 algo;
> + __le32 count;
> + __le32 datalen;
> +} __packed;
> +#endif /*_UAPI__LINUX_DIGLIM_H*/
> --
> 2.25.1
>

2021-07-27 15:38:06

by Roberto Sassu

[permalink] [raw]
Subject: RE: [RFC][PATCH v2 02/12] diglim: Basic definitions

> From: Greg KH [mailto:[email protected]]
> Sent: Tuesday, July 27, 2021 4:44 PM
> On Mon, Jul 26, 2021 at 06:36:50PM +0200, Roberto Sassu wrote:
> > --- /dev/null
> > +++ b/include/uapi/linux/diglim.h
> > @@ -0,0 +1,51 @@
> > +/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
> > +/*
> > + * Copyright (C) 2017-2021 Huawei Technologies Duesseldorf GmbH
> > + *
> > + * Author: Roberto Sassu <[email protected]>
> > + *
> > + * DIGLIM definitions exported to user space, useful for generating digest
> > + * lists.
> > + */
> > +
> > +#ifndef _UAPI__LINUX_DIGLIM_H
> > +#define _UAPI__LINUX_DIGLIM_H
> > +
> > +#include <linux/types.h>
> > +#include <linux/hash_info.h>
> > +
> > +enum compact_types { COMPACT_KEY, COMPACT_PARSER,
> COMPACT_FILE,
> > + COMPACT_METADATA, COMPACT_DIGEST_LIST,
> COMPACT__LAST };
> > +
> > +enum compact_modifiers { COMPACT_MOD_IMMUTABLE,
> COMPACT_MOD__LAST };
> > +
> > +enum compact_actions { COMPACT_ACTION_IMA_MEASURED,
> > + COMPACT_ACTION_IMA_APPRAISED,
> > + COMPACT_ACTION_IMA_APPRAISED_DIGSIG,
> > + COMPACT_ACTION__LAST };
> > +
> > +enum ops { DIGEST_LIST_ADD, DIGEST_LIST_DEL, DIGEST_LIST_OP__LAST };
> > +
> > +/**
> > + * struct compact_list_hdr - header of the following concatenated digests
> > + * @version: version of the digest list
> > + * @_reserved: field reserved for future use
> > + * @type: type of digest list among enum compact_types
> > + * @modifiers: additional attributes among (1 << enum compact_modifiers)
>
> I do not understand this description, what does it mean?

Hi Greg

yes, it is not very clear.

@modifiers is a bitmask where each bit corresponds to a different
attribute. enum compact_modifiers defines which bit position is
assigned to each attribute.

> > + * @algo: digest algorithm
>
> Is this also a #define or an enum? Where is the list of them?

@algo is an enum defined in include/uapi/linux/hash_info.h.

> > + * @count: number of digests
> > + * @datalen: length of concatenated digests
>
> Where does this count and length come into play as nothing else is in
> this structure?

Each digest list must begin with this structure. From it, the parser knows
how much data it should expect afterwards. After the data, there could be
another or more blocks of this structure and following data.

There is an example in the 'Compact Digest List Example' subsection,
in Documentation/security/diglim/implementation.rst.

> > + *
> > + * A digest list is a set of blocks composed by struct compact_list_hdr and
> > + * the following concatenated digests.
> > + */
> > +struct compact_list_hdr {
> > + __u8 version;
> > + __u8 _reserved;
>
> You MUST check this for 0 today, and document it above. If not, you can
> never use it in the future.

Ok, yes. I will add it.

Thanks

Roberto

HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Li Peng, Li Jian, Shi Yanli

> > + __le16 type;
> > + __le16 modifiers;
> > + __le16 algo;
> > + __le32 count;
> > + __le32 datalen;
> > +} __packed;
> > +#endif /*_UAPI__LINUX_DIGLIM_H*/
> > --
> > 2.25.1
> >

2021-07-27 15:47:10

by Greg Kroah-Hartman

[permalink] [raw]
Subject: Re: [RFC][PATCH v2 02/12] diglim: Basic definitions

On Tue, Jul 27, 2021 at 03:35:16PM +0000, Roberto Sassu wrote:
> > From: Greg KH [mailto:[email protected]]
> > Sent: Tuesday, July 27, 2021 4:44 PM
> > On Mon, Jul 26, 2021 at 06:36:50PM +0200, Roberto Sassu wrote:
> > > --- /dev/null
> > > +++ b/include/uapi/linux/diglim.h
> > > @@ -0,0 +1,51 @@
> > > +/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
> > > +/*
> > > + * Copyright (C) 2017-2021 Huawei Technologies Duesseldorf GmbH
> > > + *
> > > + * Author: Roberto Sassu <[email protected]>
> > > + *
> > > + * DIGLIM definitions exported to user space, useful for generating digest
> > > + * lists.
> > > + */
> > > +
> > > +#ifndef _UAPI__LINUX_DIGLIM_H
> > > +#define _UAPI__LINUX_DIGLIM_H
> > > +
> > > +#include <linux/types.h>
> > > +#include <linux/hash_info.h>
> > > +
> > > +enum compact_types { COMPACT_KEY, COMPACT_PARSER,
> > COMPACT_FILE,
> > > + COMPACT_METADATA, COMPACT_DIGEST_LIST,
> > COMPACT__LAST };
> > > +
> > > +enum compact_modifiers { COMPACT_MOD_IMMUTABLE,
> > COMPACT_MOD__LAST };
> > > +
> > > +enum compact_actions { COMPACT_ACTION_IMA_MEASURED,
> > > + COMPACT_ACTION_IMA_APPRAISED,
> > > + COMPACT_ACTION_IMA_APPRAISED_DIGSIG,
> > > + COMPACT_ACTION__LAST };
> > > +
> > > +enum ops { DIGEST_LIST_ADD, DIGEST_LIST_DEL, DIGEST_LIST_OP__LAST };
> > > +
> > > +/**
> > > + * struct compact_list_hdr - header of the following concatenated digests
> > > + * @version: version of the digest list
> > > + * @_reserved: field reserved for future use
> > > + * @type: type of digest list among enum compact_types
> > > + * @modifiers: additional attributes among (1 << enum compact_modifiers)
> >
> > I do not understand this description, what does it mean?
>
> Hi Greg
>
> yes, it is not very clear.
>
> @modifiers is a bitmask where each bit corresponds to a different
> attribute. enum compact_modifiers defines which bit position is
> assigned to each attribute.

Watch out with endian issues and bitmasks... Anyway, please document
this.

>
> > > + * @algo: digest algorithm
> >
> > Is this also a #define or an enum? Where is the list of them?
>
> @algo is an enum defined in include/uapi/linux/hash_info.h.

Please say that.

> > > + * @count: number of digests
> > > + * @datalen: length of concatenated digests
> >
> > Where does this count and length come into play as nothing else is in
> > this structure?
>
> Each digest list must begin with this structure. From it, the parser knows
> how much data it should expect afterwards. After the data, there could be
> another or more blocks of this structure and following data.

Ah, that was not obvious at all :)

Why do you not have a __u8 data[]; type field as the last one here for
that memory so you can access it easier?

thanks,

greg k-h

2021-07-27 16:10:38

by Roberto Sassu

[permalink] [raw]
Subject: RE: [RFC][PATCH v2 02/12] diglim: Basic definitions

> From: Greg KH [mailto:[email protected]]
> Sent: Tuesday, July 27, 2021 5:44 PM
> On Tue, Jul 27, 2021 at 03:35:16PM +0000, Roberto Sassu wrote:
> > > From: Greg KH [mailto:[email protected]]
> > > Sent: Tuesday, July 27, 2021 4:44 PM
> > > On Mon, Jul 26, 2021 at 06:36:50PM +0200, Roberto Sassu wrote:
> > > > --- /dev/null
> > > > +++ b/include/uapi/linux/diglim.h
> > > > @@ -0,0 +1,51 @@
> > > > +/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
> > > > +/*
> > > > + * Copyright (C) 2017-2021 Huawei Technologies Duesseldorf GmbH
> > > > + *
> > > > + * Author: Roberto Sassu <[email protected]>
> > > > + *
> > > > + * DIGLIM definitions exported to user space, useful for generating
> digest
> > > > + * lists.
> > > > + */
> > > > +
> > > > +#ifndef _UAPI__LINUX_DIGLIM_H
> > > > +#define _UAPI__LINUX_DIGLIM_H
> > > > +
> > > > +#include <linux/types.h>
> > > > +#include <linux/hash_info.h>
> > > > +
> > > > +enum compact_types { COMPACT_KEY, COMPACT_PARSER,
> > > COMPACT_FILE,
> > > > + COMPACT_METADATA, COMPACT_DIGEST_LIST,
> > > COMPACT__LAST };
> > > > +
> > > > +enum compact_modifiers { COMPACT_MOD_IMMUTABLE,
> > > COMPACT_MOD__LAST };
> > > > +
> > > > +enum compact_actions { COMPACT_ACTION_IMA_MEASURED,
> > > > + COMPACT_ACTION_IMA_APPRAISED,
> > > > + COMPACT_ACTION_IMA_APPRAISED_DIGSIG,
> > > > + COMPACT_ACTION__LAST };
> > > > +
> > > > +enum ops { DIGEST_LIST_ADD, DIGEST_LIST_DEL,
> DIGEST_LIST_OP__LAST };
> > > > +
> > > > +/**
> > > > + * struct compact_list_hdr - header of the following concatenated
> digests
> > > > + * @version: version of the digest list
> > > > + * @_reserved: field reserved for future use
> > > > + * @type: type of digest list among enum compact_types
> > > > + * @modifiers: additional attributes among (1 << enum
> compact_modifiers)
> > >
> > > I do not understand this description, what does it mean?
> >
> > Hi Greg
> >
> > yes, it is not very clear.
> >
> > @modifiers is a bitmask where each bit corresponds to a different
> > attribute. enum compact_modifiers defines which bit position is
> > assigned to each attribute.
>
> Watch out with endian issues and bitmasks... Anyway, please document
> this.
>
> >
> > > > + * @algo: digest algorithm
> > >
> > > Is this also a #define or an enum? Where is the list of them?
> >
> > @algo is an enum defined in include/uapi/linux/hash_info.h.
>
> Please say that.
>
> > > > + * @count: number of digests
> > > > + * @datalen: length of concatenated digests
> > >
> > > Where does this count and length come into play as nothing else is in
> > > this structure?
> >
> > Each digest list must begin with this structure. From it, the parser knows
> > how much data it should expect afterwards. After the data, there could be
> > another or more blocks of this structure and following data.
>
> Ah, that was not obvious at all :)
>
> Why do you not have a __u8 data[]; type field as the last one here for
> that memory so you can access it easier?

After the digest list is parsed, I'm accessing the digest with the offset from
the beginning of the digest list. If the offset was relative to the header, it could
have been useful. I could add the new field, but I'm afraid of the incompatibility
with existing tools that we have.

Thanks

Roberto

HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Li Peng, Li Jian, Shi Yanli

> thanks,
>
> greg k-h

2021-07-27 16:14:37

by Greg Kroah-Hartman

[permalink] [raw]
Subject: Re: [RFC][PATCH v2 02/12] diglim: Basic definitions

On Tue, Jul 27, 2021 at 04:09:37PM +0000, Roberto Sassu wrote:
> > From: Greg KH [mailto:[email protected]]
> > Sent: Tuesday, July 27, 2021 5:44 PM
> > On Tue, Jul 27, 2021 at 03:35:16PM +0000, Roberto Sassu wrote:
> > > > From: Greg KH [mailto:[email protected]]
> > > > Sent: Tuesday, July 27, 2021 4:44 PM
> > > > On Mon, Jul 26, 2021 at 06:36:50PM +0200, Roberto Sassu wrote:
> > > > > --- /dev/null
> > > > > +++ b/include/uapi/linux/diglim.h
> > > > > @@ -0,0 +1,51 @@
> > > > > +/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
> > > > > +/*
> > > > > + * Copyright (C) 2017-2021 Huawei Technologies Duesseldorf GmbH
> > > > > + *
> > > > > + * Author: Roberto Sassu <[email protected]>
> > > > > + *
> > > > > + * DIGLIM definitions exported to user space, useful for generating
> > digest
> > > > > + * lists.
> > > > > + */
> > > > > +
> > > > > +#ifndef _UAPI__LINUX_DIGLIM_H
> > > > > +#define _UAPI__LINUX_DIGLIM_H
> > > > > +
> > > > > +#include <linux/types.h>
> > > > > +#include <linux/hash_info.h>
> > > > > +
> > > > > +enum compact_types { COMPACT_KEY, COMPACT_PARSER,
> > > > COMPACT_FILE,
> > > > > + COMPACT_METADATA, COMPACT_DIGEST_LIST,
> > > > COMPACT__LAST };
> > > > > +
> > > > > +enum compact_modifiers { COMPACT_MOD_IMMUTABLE,
> > > > COMPACT_MOD__LAST };
> > > > > +
> > > > > +enum compact_actions { COMPACT_ACTION_IMA_MEASURED,
> > > > > + COMPACT_ACTION_IMA_APPRAISED,
> > > > > + COMPACT_ACTION_IMA_APPRAISED_DIGSIG,
> > > > > + COMPACT_ACTION__LAST };
> > > > > +
> > > > > +enum ops { DIGEST_LIST_ADD, DIGEST_LIST_DEL,
> > DIGEST_LIST_OP__LAST };
> > > > > +
> > > > > +/**
> > > > > + * struct compact_list_hdr - header of the following concatenated
> > digests
> > > > > + * @version: version of the digest list
> > > > > + * @_reserved: field reserved for future use
> > > > > + * @type: type of digest list among enum compact_types
> > > > > + * @modifiers: additional attributes among (1 << enum
> > compact_modifiers)
> > > >
> > > > I do not understand this description, what does it mean?
> > >
> > > Hi Greg
> > >
> > > yes, it is not very clear.
> > >
> > > @modifiers is a bitmask where each bit corresponds to a different
> > > attribute. enum compact_modifiers defines which bit position is
> > > assigned to each attribute.
> >
> > Watch out with endian issues and bitmasks... Anyway, please document
> > this.
> >
> > >
> > > > > + * @algo: digest algorithm
> > > >
> > > > Is this also a #define or an enum? Where is the list of them?
> > >
> > > @algo is an enum defined in include/uapi/linux/hash_info.h.
> >
> > Please say that.
> >
> > > > > + * @count: number of digests
> > > > > + * @datalen: length of concatenated digests
> > > >
> > > > Where does this count and length come into play as nothing else is in
> > > > this structure?
> > >
> > > Each digest list must begin with this structure. From it, the parser knows
> > > how much data it should expect afterwards. After the data, there could be
> > > another or more blocks of this structure and following data.
> >
> > Ah, that was not obvious at all :)
> >
> > Why do you not have a __u8 data[]; type field as the last one here for
> > that memory so you can access it easier?
>
> After the digest list is parsed, I'm accessing the digest with the offset from
> the beginning of the digest list. If the offset was relative to the header, it could
> have been useful. I could add the new field, but I'm afraid of the incompatibility
> with existing tools that we have.

What tools? This isn't a feature in the kernel yet, so we have no
legacy to support, right?

thanks,

greg k-h

2021-07-28 07:00:21

by Roberto Sassu

[permalink] [raw]
Subject: RE: [RFC][PATCH v2 02/12] diglim: Basic definitions

> From: Greg KH [mailto:[email protected]]
> Sent: Tuesday, July 27, 2021 6:13 PM
> On Tue, Jul 27, 2021 at 04:09:37PM +0000, Roberto Sassu wrote:
> > > From: Greg KH [mailto:[email protected]]
> > > Sent: Tuesday, July 27, 2021 5:44 PM
> > > On Tue, Jul 27, 2021 at 03:35:16PM +0000, Roberto Sassu wrote:
> > > > > From: Greg KH [mailto:[email protected]]
> > > > > Sent: Tuesday, July 27, 2021 4:44 PM
> > > > > On Mon, Jul 26, 2021 at 06:36:50PM +0200, Roberto Sassu wrote:
> > > > > > --- /dev/null
> > > > > > +++ b/include/uapi/linux/diglim.h
> > > > > > @@ -0,0 +1,51 @@
> > > > > > +/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
> > > > > > +/*
> > > > > > + * Copyright (C) 2017-2021 Huawei Technologies Duesseldorf GmbH
> > > > > > + *
> > > > > > + * Author: Roberto Sassu <[email protected]>
> > > > > > + *
> > > > > > + * DIGLIM definitions exported to user space, useful for generating
> > > digest
> > > > > > + * lists.
> > > > > > + */
> > > > > > +
> > > > > > +#ifndef _UAPI__LINUX_DIGLIM_H
> > > > > > +#define _UAPI__LINUX_DIGLIM_H
> > > > > > +
> > > > > > +#include <linux/types.h>
> > > > > > +#include <linux/hash_info.h>
> > > > > > +
> > > > > > +enum compact_types { COMPACT_KEY, COMPACT_PARSER,
> > > > > COMPACT_FILE,
> > > > > > + COMPACT_METADATA, COMPACT_DIGEST_LIST,
> > > > > COMPACT__LAST };
> > > > > > +
> > > > > > +enum compact_modifiers { COMPACT_MOD_IMMUTABLE,
> > > > > COMPACT_MOD__LAST };
> > > > > > +
> > > > > > +enum compact_actions { COMPACT_ACTION_IMA_MEASURED,
> > > > > > + COMPACT_ACTION_IMA_APPRAISED,
> > > > > > + COMPACT_ACTION_IMA_APPRAISED_DIGSIG,
> > > > > > + COMPACT_ACTION__LAST };
> > > > > > +
> > > > > > +enum ops { DIGEST_LIST_ADD, DIGEST_LIST_DEL,
> > > DIGEST_LIST_OP__LAST };
> > > > > > +
> > > > > > +/**
> > > > > > + * struct compact_list_hdr - header of the following concatenated
> > > digests
> > > > > > + * @version: version of the digest list
> > > > > > + * @_reserved: field reserved for future use
> > > > > > + * @type: type of digest list among enum compact_types
> > > > > > + * @modifiers: additional attributes among (1 << enum
> > > compact_modifiers)
> > > > >
> > > > > I do not understand this description, what does it mean?
> > > >
> > > > Hi Greg
> > > >
> > > > yes, it is not very clear.
> > > >
> > > > @modifiers is a bitmask where each bit corresponds to a different
> > > > attribute. enum compact_modifiers defines which bit position is
> > > > assigned to each attribute.
> > >
> > > Watch out with endian issues and bitmasks... Anyway, please document
> > > this.
> > >
> > > >
> > > > > > + * @algo: digest algorithm
> > > > >
> > > > > Is this also a #define or an enum? Where is the list of them?
> > > >
> > > > @algo is an enum defined in include/uapi/linux/hash_info.h.
> > >
> > > Please say that.
> > >
> > > > > > + * @count: number of digests
> > > > > > + * @datalen: length of concatenated digests
> > > > >
> > > > > Where does this count and length come into play as nothing else is in
> > > > > this structure?
> > > >
> > > > Each digest list must begin with this structure. From it, the parser knows
> > > > how much data it should expect afterwards. After the data, there could
> be
> > > > another or more blocks of this structure and following data.
> > >
> > > Ah, that was not obvious at all :)
> > >
> > > Why do you not have a __u8 data[]; type field as the last one here for
> > > that memory so you can access it easier?
> >
> > After the digest list is parsed, I'm accessing the digest with the offset from
> > the beginning of the digest list. If the offset was relative to the header, it
> could
> > have been useful. I could add the new field, but I'm afraid of the
> incompatibility
> > with existing tools that we have.
>
> What tools? This isn't a feature in the kernel yet, so we have no
> legacy to support, right?

Yes, right. We shouldn't be limited by previously written code.

Thanks

Roberto

HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Li Peng, Li Jian, Shi Yanli

> thanks,
>
> greg k-h

2021-07-28 11:34:06

by Mauro Carvalho Chehab

[permalink] [raw]
Subject: Re: [RFC][PATCH v2 02/12] diglim: Basic definitions

Em Mon, 26 Jul 2021 18:36:50 +0200
Roberto Sassu <[email protected]> escreveu:

> Introduce the basic definitions, exported to user space, to use digest
> lists. The definitions, added to include/uapi/linux/diglim.h, are
> documented in Documentation/security/diglim/implementation.rst.
>
> Signed-off-by: Roberto Sassu <[email protected]>
> ---
> .../security/diglim/implementation.rst | 97 +++++++++++++++++++
> Documentation/security/diglim/index.rst | 1 +
> MAINTAINERS | 2 +
> include/uapi/linux/diglim.h | 51 ++++++++++
> 4 files changed, 151 insertions(+)
> create mode 100644 Documentation/security/diglim/implementation.rst
> create mode 100644 include/uapi/linux/diglim.h
>
> diff --git a/Documentation/security/diglim/implementation.rst b/Documentation/security/diglim/implementation.rst
> new file mode 100644
> index 000000000000..59a180b3bb3f
> --- /dev/null
> +++ b/Documentation/security/diglim/implementation.rst
> @@ -0,0 +1,97 @@
> +.. SPDX-License-Identifier: GPL-2.0
> +
> +Implementation
> +==============
> +
> +This section describes the implementation of DIGLIM.
> +
> +
> +Basic Definitions
> +-----------------
> +
> +This section introduces the basic definitions required to use DIGLIM.
> +
> +
> +Compact Digest List Format
> +~~~~~~~~~~~~~~~~~~~~~~~~~~
> +
> +.. kernel-doc:: include/uapi/linux/diglim.h
> + :identifiers: compact_list_hdr
> +
> +Compact Types
> +.............
> +
> +Digests can be of different types:
> +
> +- ``COMPACT_PARSER``: digests of executables which are given the ability to
> + parse digest lists not in the compact format and to upload to the kernel
> + the digest list converted to the compact format;
> +- ``COMPACT_FILE``: digests of regular files;
> +- ``COMPACT_METADATA``: digests of file metadata (e.g. the digest
> + calculated by EVM to verify a portable signature);
> +- ``COMPACT_DIGEST_LIST``: digests of digest lists (only used internally by
> + the kernel).
> +
> +Different users of DIGLIM might query digests with different compact types.
> +For example, IMA would be interested in COMPACT_FILE, as it deals with
> +regular files, while EVM would be interested in COMPACT_METADATA, as it
> +verifies file metadata.
> +
> +
> +Compact Modifiers
> +.................
> +
> +Digests can also have specific attributes called modifiers (bit position):
> +
> +- ``COMPACT_MOD_IMMUTABLE``: file content or metadata should not be
> + modifiable.
> +
> +IMA might use this information to deny open for writing, or EVM to deny
> +setxattr operations.
> +
> +
> +Actions
> +.......
> +
> +This section defines a set of possible actions that have been executed on
> +the digest lists (bit position):
> +
> +- ``COMPACT_ACTION_IMA_MEASURED``: the digest list has been measured by
> + IMA;
> +- ``COMPACT_ACTION_IMA_APPRAISED``: the digest list has been successfully
> + appraised by IMA;
> +- ``COMPACT_ACTION_IMA_APPRAISED_DIGSIG``: the digest list has been
> + successfully appraised by IMA by verifying a digital signature.
> +
> +This information might help users of DIGLIM to decide whether to use the
> +result of a queried digest.
> +
> +For example, if a digest belongs to a digest list that was not measured
> +before, IMA should ignore the result of the query, as the measurement list
> +sent to remote verifiers would lack which digests have been uploaded to the
> +kernel.
> +
> +
> +Compact Digest List Example
> +...........................
> +
> +::
> +
> + version: 1, type: 2, modifiers: 0 algo: 4, count: 3, datalen: 96
> + <SHA256 digest1><SHA256 digest2><SHA256 digest3>
> + version: 1, type: 3, modifiers: 1 algo: 6, count: 2, datalen: 128
> + <SHA512 digest1><SHA512 digest2>
> +
> +This digest list consists of two blocks. The first block contains three
> +SHA256 digests of regular files. The second block contains two SHA512
> +digests of immutable metadata.
> +
> +
> +Compact Digest List Operations
> +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> +
> +Finally, this section defines the possible operations that can be performed
> +with digest lists:
> +
> +- ``DIGEST_LIST_ADD``: the digest list is being added;
> +- ``DIGEST_LIST_DEL``: the digest list is being deleted.
> diff --git a/Documentation/security/diglim/index.rst b/Documentation/security/diglim/index.rst
> index 0fc5ab019bc0..4771134c2f0d 100644
> --- a/Documentation/security/diglim/index.rst
> +++ b/Documentation/security/diglim/index.rst
> @@ -9,3 +9,4 @@ Digest Lists Integrity Module (DIGLIM)
>
> introduction
> architecture
> + implementation
> diff --git a/MAINTAINERS b/MAINTAINERS
> index c914dadd7e65..f61f5239468a 100644
> --- a/MAINTAINERS
> +++ b/MAINTAINERS
> @@ -5458,8 +5458,10 @@ L: [email protected]
> S: Supported
> T: git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git
> F: Documentation/security/diglim/architecture.rst
> +F: Documentation/security/diglim/implementation.rst
> F: Documentation/security/diglim/index.rst
> F: Documentation/security/diglim/introduction.rst
> +F: include/uapi/linux/diglim.h
>
> DIOLAN U2C-12 I2C DRIVER
> M: Guenter Roeck <[email protected]>
> diff --git a/include/uapi/linux/diglim.h b/include/uapi/linux/diglim.h
> new file mode 100644
> index 000000000000..8a33d1f0fefb
> --- /dev/null
> +++ b/include/uapi/linux/diglim.h
> @@ -0,0 +1,51 @@
> +/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
> +/*
> + * Copyright (C) 2017-2021 Huawei Technologies Duesseldorf GmbH
> + *
> + * Author: Roberto Sassu <[email protected]>
> + *
> + * DIGLIM definitions exported to user space, useful for generating digest
> + * lists.
> + */
> +
> +#ifndef _UAPI__LINUX_DIGLIM_H
> +#define _UAPI__LINUX_DIGLIM_H
> +
> +#include <linux/types.h>
> +#include <linux/hash_info.h>
> +
> +enum compact_types { COMPACT_KEY, COMPACT_PARSER, COMPACT_FILE,
> + COMPACT_METADATA, COMPACT_DIGEST_LIST, COMPACT__LAST };
> +
> +enum compact_modifiers { COMPACT_MOD_IMMUTABLE, COMPACT_MOD__LAST };
> +
> +enum compact_actions { COMPACT_ACTION_IMA_MEASURED,
> + COMPACT_ACTION_IMA_APPRAISED,
> + COMPACT_ACTION_IMA_APPRAISED_DIGSIG,
> + COMPACT_ACTION__LAST };
> +
> +enum ops { DIGEST_LIST_ADD, DIGEST_LIST_DEL, DIGEST_LIST_OP__LAST };
> +
> +/**
> + * struct compact_list_hdr - header of the following concatenated digests
> + * @version: version of the digest list
> + * @_reserved: field reserved for future use
> + * @type: type of digest list among enum compact_types
> + * @modifiers: additional attributes among (1 << enum compact_modifiers)
> + * @algo: digest algorithm
> + * @count: number of digests
> + * @datalen: length of concatenated digests
> + *
> + * A digest list is a set of blocks composed by struct compact_list_hdr and
> + * the following concatenated digests.
> + */
> +struct compact_list_hdr {
> + __u8 version;
> + __u8 _reserved;
> + __le16 type;
> + __le16 modifiers;
> + __le16 algo;
> + __le32 count;
> + __le32 datalen;
> +} __packed;
> +#endif /*_UAPI__LINUX_DIGLIM_H*/

Besides Greg's notes, I'm wondering why to enforce a particular
endness here. I mean, this is uAPI. I would expect it to use the
CPU endianness instead, in order to avoid uneeded conversions.

Thanks,
Mauro

2021-07-28 11:46:24

by Roberto Sassu

[permalink] [raw]
Subject: RE: [RFC][PATCH v2 02/12] diglim: Basic definitions

> From: Mauro Carvalho Chehab [mailto:[email protected]]
> Sent: Wednesday, July 28, 2021 1:31 PM
> Em Mon, 26 Jul 2021 18:36:50 +0200
> Roberto Sassu <[email protected]> escreveu:
>
> > Introduce the basic definitions, exported to user space, to use digest
> > lists. The definitions, added to include/uapi/linux/diglim.h, are
> > documented in Documentation/security/diglim/implementation.rst.
> >
> > Signed-off-by: Roberto Sassu <[email protected]>
> > ---
> > .../security/diglim/implementation.rst | 97 +++++++++++++++++++
> > Documentation/security/diglim/index.rst | 1 +
> > MAINTAINERS | 2 +
> > include/uapi/linux/diglim.h | 51 ++++++++++
> > 4 files changed, 151 insertions(+)
> > create mode 100644 Documentation/security/diglim/implementation.rst
> > create mode 100644 include/uapi/linux/diglim.h
> >
> > diff --git a/Documentation/security/diglim/implementation.rst
> b/Documentation/security/diglim/implementation.rst
> > new file mode 100644
> > index 000000000000..59a180b3bb3f
> > --- /dev/null
> > +++ b/Documentation/security/diglim/implementation.rst
> > @@ -0,0 +1,97 @@
> > +.. SPDX-License-Identifier: GPL-2.0
> > +
> > +Implementation
> > +==============
> > +
> > +This section describes the implementation of DIGLIM.
> > +
> > +
> > +Basic Definitions
> > +-----------------
> > +
> > +This section introduces the basic definitions required to use DIGLIM.
> > +
> > +
> > +Compact Digest List Format
> > +~~~~~~~~~~~~~~~~~~~~~~~~~~
> > +
> > +.. kernel-doc:: include/uapi/linux/diglim.h
> > + :identifiers: compact_list_hdr
> > +
> > +Compact Types
> > +.............
> > +
> > +Digests can be of different types:
> > +
> > +- ``COMPACT_PARSER``: digests of executables which are given the ability
> to
> > + parse digest lists not in the compact format and to upload to the kernel
> > + the digest list converted to the compact format;
> > +- ``COMPACT_FILE``: digests of regular files;
> > +- ``COMPACT_METADATA``: digests of file metadata (e.g. the digest
> > + calculated by EVM to verify a portable signature);
> > +- ``COMPACT_DIGEST_LIST``: digests of digest lists (only used internally by
> > + the kernel).
> > +
> > +Different users of DIGLIM might query digests with different compact types.
> > +For example, IMA would be interested in COMPACT_FILE, as it deals with
> > +regular files, while EVM would be interested in COMPACT_METADATA, as it
> > +verifies file metadata.
> > +
> > +
> > +Compact Modifiers
> > +.................
> > +
> > +Digests can also have specific attributes called modifiers (bit position):
> > +
> > +- ``COMPACT_MOD_IMMUTABLE``: file content or metadata should not be
> > + modifiable.
> > +
> > +IMA might use this information to deny open for writing, or EVM to deny
> > +setxattr operations.
> > +
> > +
> > +Actions
> > +.......
> > +
> > +This section defines a set of possible actions that have been executed on
> > +the digest lists (bit position):
> > +
> > +- ``COMPACT_ACTION_IMA_MEASURED``: the digest list has been
> measured by
> > + IMA;
> > +- ``COMPACT_ACTION_IMA_APPRAISED``: the digest list has been
> successfully
> > + appraised by IMA;
> > +- ``COMPACT_ACTION_IMA_APPRAISED_DIGSIG``: the digest list has been
> > + successfully appraised by IMA by verifying a digital signature.
> > +
> > +This information might help users of DIGLIM to decide whether to use the
> > +result of a queried digest.
> > +
> > +For example, if a digest belongs to a digest list that was not measured
> > +before, IMA should ignore the result of the query, as the measurement list
> > +sent to remote verifiers would lack which digests have been uploaded to
> the
> > +kernel.
> > +
> > +
> > +Compact Digest List Example
> > +...........................
> > +
> > +::
> > +
> > + version: 1, type: 2, modifiers: 0 algo: 4, count: 3, datalen: 96
> > + <SHA256 digest1><SHA256 digest2><SHA256 digest3>
> > + version: 1, type: 3, modifiers: 1 algo: 6, count: 2, datalen: 128
> > + <SHA512 digest1><SHA512 digest2>
> > +
> > +This digest list consists of two blocks. The first block contains three
> > +SHA256 digests of regular files. The second block contains two SHA512
> > +digests of immutable metadata.
> > +
> > +
> > +Compact Digest List Operations
> > +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > +
> > +Finally, this section defines the possible operations that can be performed
> > +with digest lists:
> > +
> > +- ``DIGEST_LIST_ADD``: the digest list is being added;
> > +- ``DIGEST_LIST_DEL``: the digest list is being deleted.
> > diff --git a/Documentation/security/diglim/index.rst
> b/Documentation/security/diglim/index.rst
> > index 0fc5ab019bc0..4771134c2f0d 100644
> > --- a/Documentation/security/diglim/index.rst
> > +++ b/Documentation/security/diglim/index.rst
> > @@ -9,3 +9,4 @@ Digest Lists Integrity Module (DIGLIM)
> >
> > introduction
> > architecture
> > + implementation
> > diff --git a/MAINTAINERS b/MAINTAINERS
> > index c914dadd7e65..f61f5239468a 100644
> > --- a/MAINTAINERS
> > +++ b/MAINTAINERS
> > @@ -5458,8 +5458,10 @@ L: [email protected]
> > S: Supported
> > T: git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git
> > F: Documentation/security/diglim/architecture.rst
> > +F: Documentation/security/diglim/implementation.rst
> > F: Documentation/security/diglim/index.rst
> > F: Documentation/security/diglim/introduction.rst
> > +F: include/uapi/linux/diglim.h
> >
> > DIOLAN U2C-12 I2C DRIVER
> > M: Guenter Roeck <[email protected]>
> > diff --git a/include/uapi/linux/diglim.h b/include/uapi/linux/diglim.h
> > new file mode 100644
> > index 000000000000..8a33d1f0fefb
> > --- /dev/null
> > +++ b/include/uapi/linux/diglim.h
> > @@ -0,0 +1,51 @@
> > +/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
> > +/*
> > + * Copyright (C) 2017-2021 Huawei Technologies Duesseldorf GmbH
> > + *
> > + * Author: Roberto Sassu <[email protected]>
> > + *
> > + * DIGLIM definitions exported to user space, useful for generating digest
> > + * lists.
> > + */
> > +
> > +#ifndef _UAPI__LINUX_DIGLIM_H
> > +#define _UAPI__LINUX_DIGLIM_H
> > +
> > +#include <linux/types.h>
> > +#include <linux/hash_info.h>
> > +
> > +enum compact_types { COMPACT_KEY, COMPACT_PARSER,
> COMPACT_FILE,
> > + COMPACT_METADATA, COMPACT_DIGEST_LIST,
> COMPACT__LAST };
> > +
> > +enum compact_modifiers { COMPACT_MOD_IMMUTABLE,
> COMPACT_MOD__LAST };
> > +
> > +enum compact_actions { COMPACT_ACTION_IMA_MEASURED,
> > + COMPACT_ACTION_IMA_APPRAISED,
> > + COMPACT_ACTION_IMA_APPRAISED_DIGSIG,
> > + COMPACT_ACTION__LAST };
> > +
> > +enum ops { DIGEST_LIST_ADD, DIGEST_LIST_DEL, DIGEST_LIST_OP__LAST };
> > +
> > +/**
> > + * struct compact_list_hdr - header of the following concatenated digests
> > + * @version: version of the digest list
> > + * @_reserved: field reserved for future use
> > + * @type: type of digest list among enum compact_types
> > + * @modifiers: additional attributes among (1 << enum compact_modifiers)
> > + * @algo: digest algorithm
> > + * @count: number of digests
> > + * @datalen: length of concatenated digests
> > + *
> > + * A digest list is a set of blocks composed by struct compact_list_hdr and
> > + * the following concatenated digests.
> > + */
> > +struct compact_list_hdr {
> > + __u8 version;
> > + __u8 _reserved;
> > + __le16 type;
> > + __le16 modifiers;
> > + __le16 algo;
> > + __le32 count;
> > + __le32 datalen;
> > +} __packed;
> > +#endif /*_UAPI__LINUX_DIGLIM_H*/
>
> Besides Greg's notes, I'm wondering why to enforce a particular
> endness here. I mean, this is uAPI. I would expect it to use the
> CPU endianness instead, in order to avoid uneeded conversions.

Also Greg had the same concern. I hoped the Lifecycle section clarified
the fact that digest lists are generated by software vendors not the
local system. Should I add something more in the documentation?

Thanks

Roberto

HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Li Peng, Li Jian, Shi Yanli

> Thanks,
> Mauro

2021-07-28 13:10:40

by Mauro Carvalho Chehab

[permalink] [raw]
Subject: Re: [RFC][PATCH v2 02/12] diglim: Basic definitions

Em Wed, 28 Jul 2021 11:45:02 +0000
Roberto Sassu <[email protected]> escreveu:

> > From: Mauro Carvalho Chehab [mailto:[email protected]]
> > Sent: Wednesday, July 28, 2021 1:31 PM
> > Em Mon, 26 Jul 2021 18:36:50 +0200
> > Roberto Sassu <[email protected]> escreveu:
> >

> > > +struct compact_list_hdr {
> > > + __u8 version;
> > > + __u8 _reserved;
> > > + __le16 type;
> > > + __le16 modifiers;
> > > + __le16 algo;
> > > + __le32 count;
> > > + __le32 datalen;
> > > +} __packed;
> > > +#endif /*_UAPI__LINUX_DIGLIM_H*/
> >
> > Besides Greg's notes, I'm wondering why to enforce a particular
> > endness here. I mean, this is uAPI. I would expect it to use the
> > CPU endianness instead, in order to avoid uneeded conversions.
>
> Also Greg had the same concern. I hoped the Lifecycle section clarified
> the fact that digest lists are generated by software vendors not the
> local system. Should I add something more in the documentation?

It shouldn't matter what kind of endness software vendors use on
userspace (either CPU or a fixed endiannes - either LE or BE).

I mean, I won't doubt that some package tools use LE while others
would use BE. At some point, this needs to be converted to
CPU endiannes.

IMO, the best would be to isolate whatever RPM/DEB/... endianness
is used on userspace from what the Kernel will use internally.

Just my 2 cents.

Regards,
Mauro

2021-07-28 14:25:57

by Roberto Sassu

[permalink] [raw]
Subject: RE: [RFC][PATCH v2 02/12] diglim: Basic definitions

> From: Mauro Carvalho Chehab [mailto:[email protected]]
> Sent: Wednesday, July 28, 2021 3:08 PM
> Em Wed, 28 Jul 2021 11:45:02 +0000
> Roberto Sassu <[email protected]> escreveu:
>
> > > From: Mauro Carvalho Chehab [mailto:[email protected]]
> > > Sent: Wednesday, July 28, 2021 1:31 PM
> > > Em Mon, 26 Jul 2021 18:36:50 +0200
> > > Roberto Sassu <[email protected]> escreveu:
> > >
>
> > > > +struct compact_list_hdr {
> > > > + __u8 version;
> > > > + __u8 _reserved;
> > > > + __le16 type;
> > > > + __le16 modifiers;
> > > > + __le16 algo;
> > > > + __le32 count;
> > > > + __le32 datalen;
> > > > +} __packed;
> > > > +#endif /*_UAPI__LINUX_DIGLIM_H*/
> > >
> > > Besides Greg's notes, I'm wondering why to enforce a particular
> > > endness here. I mean, this is uAPI. I would expect it to use the
> > > CPU endianness instead, in order to avoid uneeded conversions.
> >
> > Also Greg had the same concern. I hoped the Lifecycle section clarified
> > the fact that digest lists are generated by software vendors not the
> > local system. Should I add something more in the documentation?
>
> It shouldn't matter what kind of endness software vendors use on
> userspace (either CPU or a fixed endiannes - either LE or BE).
>
> I mean, I won't doubt that some package tools use LE while others
> would use BE. At some point, this needs to be converted to
> CPU endiannes.

If you let digest list generators decide the endianness, probably
it is necessary to also add the endianness information in the
structure. Otherwise, the kernel wouldn't know what to do.

If the kernel knows that the digest list is always in little endian,
it simply calls le32_to_cpu().

> IMO, the best would be to isolate whatever RPM/DEB/... endianness
> is used on userspace from what the Kernel will use internally.

This is a different case. The conversion happens if the digest list
is not in native format. The kernel can also parse an untouched
digest list if it is in native format.

Thanks

Roberto

HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Li Peng, Li Jian, Shi Yanli

> Just my 2 cents.
>
> Regards,
> Mauro