Received: by 2002:a05:6359:6284:b0:131:369:b2a3 with SMTP id se4csp5069298rwb; Tue, 8 Aug 2023 20:16:58 -0700 (PDT) X-Google-Smtp-Source: AGHT+IF/MP5eepB55paegMEXJxpJuhswleVvjon7hMIS36dQpXcRqlQz/p6YrCppso0e+wzjufeX X-Received: by 2002:a17:902:d4d2:b0:1b6:b703:36f8 with SMTP id o18-20020a170902d4d200b001b6b70336f8mr1762183plg.25.1691551018485; Tue, 08 Aug 2023 20:16:58 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691551018; cv=none; d=google.com; s=arc-20160816; b=ceCXPYPhMQWF5JDmLo9hKa++wRN74JQZJTaSmQrepPwqTu1BL+dZZ885cTXeee+Fac 98Sq1R7TTfiHb01GsaH2fuRk/hpeF/YkHgZfPudTInHR2aPasZ87bz5DkKtbafSE0BuH pgMb6iypGw185AOODJZv0sju7lc9xbvJ8ME+Ac38HxVT1E7hxWQK6amBeqiVq4A+v0Zt zxFWxQC/mfKZ7SWeR9GsbtSBApAA2mgU2Tyw3J22rhwAIwnxhDpXPsYWKx0FH47b7J9t B6LUliUWVDGt0RfCywFwsAgPx+6UDN4/JtmTAPLFkDApFaL1sZt2qza/P2rW0cMzOA+X VDmg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-disposition :mime-version:references:mail-followup-to:message-id:subject:cc:to :from:date:dkim-signature; bh=Uit/uI9wNXL5YCKyEI8jLmeigfyPLrbiOuFoHmEFQCw=; fh=Koq51nmloDBVeECE5Z67fwrqYr2TKs69Wc2czzybFTs=; b=NkNa/t1nYv2mXteyqt/1LDkxLEnJhIiXVWMnWU8alvK2/XIcCwM1nTUnlVurrguzt6 P6cOAOV/jPKkrMx9bdhozTPUXorSRK1dgsBtC8E20gVMlfMAubStGr3+7sppCcRWq87x 59rd8Gvo+NztK+ofW6gLMttXdu65cp8oV+mAD88S+fXu42+mIsUj3ZORc+ESAZ4tXRQ7 dPEIQBaMQcjmt+57+nofU6HBDIogd+pmM6hkcOUIh7GcMXbrVQ4NgCpGh7uDV484v9JS GpU2zhLQfbDYIhWViBFjG2XjVWM50bAgHdTikXg6b2YzHaZvBaPSPgIqkDuXRpbrogvo H5QA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=Uh33Zyvk; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id a14-20020a170902ecce00b001bb3499d8besi8722188plh.478.2023.08.08.20.16.46; Tue, 08 Aug 2023 20:16:58 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=Uh33Zyvk; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230270AbjHHXpQ (ORCPT + 99 others); Tue, 8 Aug 2023 19:45:16 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42448 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229506AbjHHXpO (ORCPT ); Tue, 8 Aug 2023 19:45:14 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 772501BE5 for ; Tue, 8 Aug 2023 16:44:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1691538265; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=Uit/uI9wNXL5YCKyEI8jLmeigfyPLrbiOuFoHmEFQCw=; b=Uh33ZyvkoqVVTAXNgThSiddLvd0g8eCMfDQ+j8wrV8loSWTvbGoZYlb/oNflKqekA72QkD 34AsSo3oEulT8zRhF/eTYFVswr+u7sWaIKcWrDtp6la918A1QF1r3hvFQ50xfKqzEJiIfO Ey+sERA5FO20G7ZLvrnpEwiRja1wtIQ= Received: from mimecast-mx02.redhat.com (66.187.233.73 [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-621-Miq98z2KM-2M0qdOh4MIgQ-1; Tue, 08 Aug 2023 19:44:24 -0400 X-MC-Unique: Miq98z2KM-2M0qdOh4MIgQ-1 Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com [10.11.54.9]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 1DB263C14AA4; Tue, 8 Aug 2023 23:44:23 +0000 (UTC) Received: from agk-cloud1.hosts.prod.upshift.rdu2.redhat.com (agk-cloud1.hosts.prod.upshift.rdu2.redhat.com [10.0.13.154]) by smtp.corp.redhat.com (Postfix) with ESMTP id A3551492C13; Tue, 8 Aug 2023 23:44:22 +0000 (UTC) Received: by agk-cloud1.hosts.prod.upshift.rdu2.redhat.com (Postfix, from userid 3883) id 7C2AE403A55F; Wed, 9 Aug 2023 00:40:23 +0100 (BST) Date: Wed, 9 Aug 2023 00:40:23 +0100 From: Alasdair G Kergon To: Fan Wu Cc: Paul Moore , Mike Snitzer , corbet@lwn.net, zohar@linux.ibm.com, jmorris@namei.org, serge@hallyn.com, tytso@mit.edu, ebiggers@kernel.org, axboe@kernel.dk, agk@redhat.com, eparis@redhat.com, linux-doc@vger.kernel.org, linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, linux-fscrypt@vger.kernel.org, linux-block@vger.kernel.org, dm-devel@redhat.com, audit@vger.kernel.org, roberto.sassu@huawei.com, linux-kernel@vger.kernel.org, Deven Bowers Subject: Re: [RFC PATCH v10 11/17] dm-verity: consume root hash digest and signature data via LSM hook Message-ID: <20230808234023.GC120054@agk-cloud1.hosts.prod.upshift.rdu2.redhat.com> Mail-Followup-To: Fan Wu , Paul Moore , Mike Snitzer , corbet@lwn.net, zohar@linux.ibm.com, jmorris@namei.org, serge@hallyn.com, tytso@mit.edu, ebiggers@kernel.org, axboe@kernel.dk, agk@redhat.com, eparis@redhat.com, linux-doc@vger.kernel.org, linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, linux-fscrypt@vger.kernel.org, linux-block@vger.kernel.org, dm-devel@redhat.com, audit@vger.kernel.org, roberto.sassu@huawei.com, linux-kernel@vger.kernel.org, Deven Bowers References: <1687986571-16823-1-git-send-email-wufan@linux.microsoft.com> <1687986571-16823-12-git-send-email-wufan@linux.microsoft.com> <20230712034319.GA17642@linuxonhyperv3.guj3yctzbm1etfxqx2vob5hsef.xx.internal.cloudapp.net> <20230808224503.GA20095@linuxonhyperv3.guj3yctzbm1etfxqx2vob5hsef.xx.internal.cloudapp.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20230808224503.GA20095@linuxonhyperv3.guj3yctzbm1etfxqx2vob5hsef.xx.internal.cloudapp.net> User-Agent: Mutt/1.5.21 (2010-09-15) X-Scanned-By: MIMEDefang 3.1 on 10.11.54.9 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL, SPF_HELO_NONE,SPF_NONE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Aug 08, 2023 at 03:45:03PM -0700, Fan Wu wrote: > On Tue, Jul 25, 2023 at 04:43:48PM -0400, Paul Moore wrote: > > Where would the finalize() hook be called? > > It is in the __bind function in drivers/md/dm.c, calling just before > rcu_assign_pointer(md->map, (void *)t) which activates the inactive table. That would be after the existing commit point, meaning the table swap cannot be cancelled there, so is the finalize() you are proposing void() i.e. designed so it always succeeds? Alasdair