Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp52857ybl; Thu, 12 Dec 2019 13:56:01 -0800 (PST) X-Google-Smtp-Source: APXvYqyY2DheXR+5tUM/TXEj3kTFz2lYpNbqaCI5NXL4G7955GubbS8up3uulxcifXvaCwQBM3Vt X-Received: by 2002:a9d:799a:: with SMTP id h26mr10184326otm.240.1576187761402; Thu, 12 Dec 2019 13:56:01 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1576187761; cv=none; d=google.com; s=arc-20160816; b=TXUFSAZ2I9uvnKMf1JPcT7VV7Z6z+iJxTxsvs0vI0h0YYslD8nVx2JBsCXGJBfn9X0 e+2kbiK0ygXTdqxN4F4L5LtghfUNKXgODRnabsq7eg7rFliavs7ZUdLSc6VW3VbTr4X+ FfaJdlLt9S3tiXvwNDCDp7sFZ7fvJQKkGrnyv/vS31+fn8f64+pasaU4ZCs20A39HL3l rY+gMGym3AaMqAxMZFoeWCId7fsyiBFA2tZRATmLuF9WkTR32a8xyWZDup4SPNq5IC6G nDkWmHZFlIqVjCBBzZNSTbyzvw0Gxh/xPEVdUEXLv4+RAv79r5l6Q1h/twOpzrqINB9W XHow== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:content-transfer-encoding :mime-version:references:in-reply-to:date:cc:to:from:subject; bh=iXpdGy0yLZCKIMw+bQ3UpXsvYobXLbMaZ7Wt2oZKL4o=; b=JKPlPEz2ga0nx48TUbZvydCNLJ6yOrBs+q7Sq2W+NJhve/Kx0tG/05MQgzK5ZUjQjQ yHkArE3qGWavH/S605QMD4ZpqLj/K0hXAjru7Evv4FAXO5of+Sar6A1HtRHgeju9G9hw Lon66jbsufnS8or3OxQUzRhTK6nUVGOuqTsTUI0jXrUbUntvohn8Xn12R+XoCUTb9K9m kplEqRdbnCdb1nuk5kW16Qpluzz0DlIlYw2xHU28r8M+SvsJig+JTpWQAcibOdvw13NH kPuN66I4M9DdO/pWMqejtCx0GOUem4uiE4Uvj37dNkTqd6u9pCwP1WJV+Ov6zOVno/GQ 5mSA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id l14si4807678otb.108.2019.12.12.13.55.49; Thu, 12 Dec 2019 13:56:01 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731045AbfLLVNV (ORCPT + 99 others); Thu, 12 Dec 2019 16:13:21 -0500 Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5]:49934 "EHLO mx0b-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730969AbfLLVNU (ORCPT ); Thu, 12 Dec 2019 16:13:20 -0500 Received: from pps.filterd (m0127361.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id xBCL74f0013136 for ; Thu, 12 Dec 2019 16:13:19 -0500 Received: from e06smtp05.uk.ibm.com (e06smtp05.uk.ibm.com [195.75.94.101]) by mx0a-001b2d01.pphosted.com with ESMTP id 2wtf70xf98-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Thu, 12 Dec 2019 16:13:18 -0500 Received: from localhost by e06smtp05.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Thu, 12 Dec 2019 21:13:16 -0000 Received: from b06avi18626390.portsmouth.uk.ibm.com (9.149.26.192) by e06smtp05.uk.ibm.com (192.168.101.135) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Thu, 12 Dec 2019 21:13:12 -0000 Received: from b06wcsmtp001.portsmouth.uk.ibm.com (b06wcsmtp001.portsmouth.uk.ibm.com [9.149.105.160]) by b06avi18626390.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id xBCLCTdw40042846 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 12 Dec 2019 21:12:29 GMT Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 880DFA405C; Thu, 12 Dec 2019 21:13:11 +0000 (GMT) Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 62341A405B; Thu, 12 Dec 2019 21:13:10 +0000 (GMT) Received: from dhcp-9-31-102-17.watson.ibm.com (unknown [9.31.102.17]) by b06wcsmtp001.portsmouth.uk.ibm.com (Postfix) with ESMTP; Thu, 12 Dec 2019 21:13:10 +0000 (GMT) Subject: Re: [PATCH v2 1/2] IMA: Define workqueue for early boot "key" measurements From: Mimi Zohar To: Lakshmi Ramasubramanian , linux-integrity@vger.kernel.org Cc: eric.snowberg@oracle.com, dhowells@redhat.com, mathew.j.martineau@linux.intel.com, matthewgarrett@google.com, sashal@kernel.org, jamorris@linux.microsoft.com, linux-kernel@vger.kernel.org, keyrings@vger.kernel.org Date: Thu, 12 Dec 2019 16:13:09 -0500 In-Reply-To: <0cc15a43-8e1b-9819-33fe-8325068f8df2@linux.microsoft.com> References: <20191211185116.2740-1-nramas@linux.microsoft.com> <20191211185116.2740-2-nramas@linux.microsoft.com> <1576138743.4579.147.camel@linux.ibm.com> <0cc15a43-8e1b-9819-33fe-8325068f8df2@linux.microsoft.com> Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.20.5 (3.20.5-1.fc24) Mime-Version: 1.0 Content-Transfer-Encoding: 8bit X-TM-AS-GCONF: 00 x-cbid: 19121221-0020-0000-0000-0000039792F6 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 19121221-0021-0000-0000-000021EE9E41 Message-Id: <1576185189.4579.165.camel@linux.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.95,18.0.572 definitions=2019-12-12_07:2019-12-12,2019-12-12 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 lowpriorityscore=0 priorityscore=1501 adultscore=0 clxscore=1015 malwarescore=0 suspectscore=3 impostorscore=0 bulkscore=0 phishscore=0 spamscore=0 mlxscore=0 mlxlogscore=999 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-1910280000 definitions=main-1912120164 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, 2019-12-12 at 08:57 -0800, Lakshmi Ramasubramanian wrote: > On 12/12/19 12:19 AM, Mimi Zohar wrote: > > >>> + ima_process_keys = true; > >> + > >> + INIT_LIST_HEAD(&temp_ima_keys); > >> + > >> + mutex_lock(&ima_keys_mutex); > >> + > >> + list_for_each_entry_safe(entry, tmp, &ima_keys, list) > >> + list_move_tail(&entry->list, &temp_ima_keys); > >> + > >> + mutex_unlock(&ima_keys_mutex); > > > > > > The v1 comment, which explained the need for using a temporary > > keyring, is an example of an informative comment.  If you don't > > object, instead of re-posting this patch, I can insert it. > > Sure Mimi. Thanks for including the comment in the patch. Looking at this again, something seems off or at least the comment  doesn't match the code. /* * To avoid holding the mutex while processing queued keys, * transfer the queued keys with the mutex held to a temp list, * release the mutex, and then process the queued keys from * the temp list. * * Since ima_process_keys is set to true above, any new key will * be processed immediately and not queued. */ Setting ima_process_key before taking the lock won't prevent the race.  I think you want to test ima_process_keys before taking the lock and again immediately afterward taking the lock, before setting it.  Then the comment would match the code. Shouldn't ima_process_keys be defined as static to limit the scope to this file? Mimi