Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp814086ybl; Fri, 13 Dec 2019 05:08:10 -0800 (PST) X-Google-Smtp-Source: APXvYqxDR0Oh7ZEMaKvicb10Vigxobx8OIuy8+yrOjpQZ4IGveC3iaH1hEJNymiy9UgEphHtVpDl X-Received: by 2002:a9d:7410:: with SMTP id n16mr15018417otk.23.1576242490573; Fri, 13 Dec 2019 05:08:10 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1576242490; cv=none; d=google.com; s=arc-20160816; b=BUu0npwbZwWuND4yfBXr5HZa2S0UubvtXhIYhCDTnA6MmHY/MbtlO6frFJAT34sRlA d7jHVKXvpAmvCf1H0RKDUK0sHQ4X2dmZ0Okk6Lnt9mftkORxQJRCZxOWDH3Y/vLZlkrT qk25Inrugzg2gWGzwPTp/x37JY3KgQvQDz/Mep1f2+FXPajELPi2oRqSxeYDNCXmHUKg usnDvnY8jRT9TU4bo7QbGxnUSc37Ra/wzxBDHXV2Q+5/uvqc3rPXN/rKXSNcS3pY1gCU 6kbn/gCLf12FwCIA7bu8aKy+nSwmvzPvwxGSd+h1e9KOGMHa1JkHxUZAEJCLaBbV19qc 2NGA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:content-transfer-encoding :mime-version:references:in-reply-to:date:cc:to:from:subject; bh=wae5hPFOnWIv81xKQb0IVt23Me1/k/hE5HvCa2+9ug4=; b=yeHHebEMW+v1BmfIl7I07NpPXXR41ubQl25jsISL7idBpCQzJmoc6sZbcO42N+cKBE pKSG0KUa0vbfTLsctOHzUsiQM9K+xH6yLZyw2dVIQlRYZGg2ovZ5Qstoic1pwyG3I+Ko V/h18Jg57LRZ9wUkzFlS97guEu7hj5wnQa9Vj2lOvBsweEqB9vONi20cGdCvr354OfxF k1oNBftKcfa15SscrRrDUNT2BjndtivH1m24F02fVMUuPAQAcYm1mSQnJmK7waYNmYJa 85KdIKEzGDXIcJt/Oh0v+Tl0vdQKCoEvJYKdjlOZQmCxir3/PTCIqP8/Cy8ijPe01sUv UZ6Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id d4si4849461ote.135.2019.12.13.05.07.55; Fri, 13 Dec 2019 05:08:10 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727270AbfLMNG5 (ORCPT + 99 others); Fri, 13 Dec 2019 08:06:57 -0500 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:54022 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727205AbfLMNG4 (ORCPT ); Fri, 13 Dec 2019 08:06:56 -0500 Received: from pps.filterd (m0098396.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id xBDD5N3k024259 for ; Fri, 13 Dec 2019 08:06:55 -0500 Received: from e06smtp07.uk.ibm.com (e06smtp07.uk.ibm.com [195.75.94.103]) by mx0a-001b2d01.pphosted.com with ESMTP id 2wusvhx6wm-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 13 Dec 2019 08:06:55 -0500 Received: from localhost by e06smtp07.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Fri, 13 Dec 2019 13:06:53 -0000 Received: from b06avi18626390.portsmouth.uk.ibm.com (9.149.26.192) by e06smtp07.uk.ibm.com (192.168.101.137) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Fri, 13 Dec 2019 13:06:49 -0000 Received: from b06wcsmtp001.portsmouth.uk.ibm.com (b06wcsmtp001.portsmouth.uk.ibm.com [9.149.105.160]) by b06avi18626390.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id xBDD66Yh22282504 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 13 Dec 2019 13:06:06 GMT Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 9E840A4066; Fri, 13 Dec 2019 13:06:48 +0000 (GMT) Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 596ABA4054; Fri, 13 Dec 2019 13:06:47 +0000 (GMT) Received: from localhost.localdomain (unknown [9.85.131.45]) by b06wcsmtp001.portsmouth.uk.ibm.com (Postfix) with ESMTP; Fri, 13 Dec 2019 13:06:47 +0000 (GMT) Subject: Re: [PATCH v3 1/2] IMA: Define workqueue for early boot "key" measurements From: Mimi Zohar To: Lakshmi Ramasubramanian , linux-integrity@vger.kernel.org Cc: eric.snowberg@oracle.com, dhowells@redhat.com, mathew.j.martineau@linux.intel.com, matthewgarrett@google.com, sashal@kernel.org, jamorris@linux.microsoft.com, linux-kernel@vger.kernel.org, keyrings@vger.kernel.org Date: Fri, 13 Dec 2019 08:06:46 -0500 In-Reply-To: References: <20191213004250.21132-1-nramas@linux.microsoft.com> <20191213004250.21132-2-nramas@linux.microsoft.com> <1576202134.4579.189.camel@linux.ibm.com> <6e0dad33-66f9-4807-d08d-ff30396cec5e@linux.microsoft.com> <1576204377.4579.206.camel@linux.ibm.com> Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.20.5 (3.20.5-1.fc24) Mime-Version: 1.0 Content-Transfer-Encoding: 8bit X-TM-AS-GCONF: 00 x-cbid: 19121313-0028-0000-0000-000003C82E99 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 19121313-0029-0000-0000-0000248B6C03 Message-Id: <1576242406.4579.239.camel@linux.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.95,18.0.572 definitions=2019-12-13_03:2019-12-13,2019-12-13 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 impostorscore=0 bulkscore=0 clxscore=1015 suspectscore=0 adultscore=0 mlxlogscore=999 phishscore=0 spamscore=0 lowpriorityscore=0 malwarescore=0 priorityscore=1501 mlxscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-1910280000 definitions=main-1912130105 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, 2019-12-12 at 18:59 -0800, Lakshmi Ramasubramanian wrote: > On 12/12/2019 6:32 PM, Mimi Zohar wrote: > > >>> > >>> Don't you need a test here, before setting ima_process_keys? > >>> > >>> if (ima_process_keys) > >>> return; > >> That check is done before the comment - at the start of > >> ima_process_queued_keys(). > > > > The first test prevents taking the mutex unnecessarily. > > > > I am trying to understand your concern here. Could you please clarify? > > => If ima_process_keys is false > -> With the mutex held, should check ima_process_keys again > before setting? > > Let's say 2 or more threads are racing in calling ima_process_queued_keys(): > > The 1st one will set ima_process_keys and process queued keys. > > The 2nd and subsequent ones - even if they have gone past the initial > check, will find an empty list of keys (the list "ima_keys") when they > take the mutex. So they'll not process any keys. I just need to convince myself that this is correct.  Normally before reading and writing a flag, there is some sort of locking.  With taking the mutex before setting the flag, there is now only a lock around the single writer. Without taking a lock before reading the flag, will the queue always be empty is the question.  If it is, then the comment is correct, but the code assumes not and processes the list again.  Testing the flag after taking the mutex just re-enforces the comment. Bottom line, does reading the flag need to be lock protected? Mimi