Subject: Re: [RFC][PATCH 8/8] ima: Detect if digest cache changed since last measurement/appraisal
From: Mimi Zohar
To: Roberto Sassu, corbet@lwn.net, dmitry.kasatkin@gmail.com, eric.snowberg@oracle.com, paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com
Cc: linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, wufan@linux.microsoft.com, pbrobinson@gmail.com, zbyszek@in.waw.pl, hch@lst.de, mjg59@srcf.ucam.org, pmatilai@redhat.com, jannh@google.com, dhowells@redhat.com, jikos@kernel.org, mkoutny@suse.com, ppavlu@suse.com, petr.vorel@gmail.com, petrtesarik@huaweicloud.com, mzerqung@0pointer.de, kgold@linux.ibm.com, Roberto Sassu
Date: Fri, 08 Mar 2024 12:35:05 -0500
In-Reply-To: <20240214143525.2205481-9-roberto.sassu@huaweicloud.com>
References: <20240214143525.2205481-1-roberto.sassu@huaweicloud.com> <20240214143525.2205481-9-roberto.sassu@huaweicloud.com>

Hi Roberto,

> b/security/integrity/ima/ima_main.c
> index a66522a22cbc..e1b2f5737753 100644
> --- a/security/integrity/ima/ima_main.c
> +++ b/security/integrity/ima/ima_main.c
> @@ -301,6 +301,15 @@ static int process_measurement(struct file *file, const > struct cred *cred, > } > } > > + /* Check if digest cache changed since last measurement/appraisal. */ > + if (iint->digest_cache && > + digest_cache_changed(inode, iint->digest_cache)) { > + iint->flags &= ~IMA_DONE_MASK; > + iint->measured_pcrs = 0; > + digest_cache_put(iint->digest_cache); > + iint->digest_cache = NULL; > + } > + > /* Determine if already appraised/measured based on bitmask > * (IMA_MEASURE, IMA_MEASURED, IMA_XXXX_APPRAISE, IMA_XXXX_APPRAISED, > * IMA_AUDIT, IMA_AUDITED)
> @@ -371,8 +380,15 @@ static int process_measurement(struct file *file, const > struct cred *cred, > * Since we allow IMA policy rules without func=, we have to enforce > * this restriction here. > */ > - if (rc == 0 && policy_mask && func != DIGEST_LIST_CHECK) > - digest_cache = digest_cache_get(file_dentry(file)); > + if (rc == 0 && policy_mask && func != DIGEST_LIST_CHECK) { > + if (!iint->digest_cache) { > + /* Released by ima_iint_free(). */ > + digest_cache = digest_cache_get(file_dentry(file)); > + iint->digest_cache = digest_cache; > + } else { > + digest_cache = iint->digest_cache; > + }

Simple cleanup:

	if (!iint->digest_cache)
		iint->digest_cache = digest_cache_get(file_dentry(file));
	digest_cache = iint->digest_cache;

> + } > > if (digest_cache) { > found = digest_cache_lookup(file_dentry(file), digest_cache,
> @@ -386,8 +402,6 @@ static int process_measurement(struct file *file, const > struct cred *cred, > if (verif_mask_ptr) > allow_mask = policy_mask & *verif_mask_ptr; > } > - > - digest_cache_put(digest_cache);

Keeping a reference to the digest_cache list for each file in the iint cache until the file is re-accessed might take a while to free. I'm wondering if it is necessary to keep a reference to the digest_cache. Or is it possible to just compare the existing iint->digest_cache pointer with the current digest_cache pointer?

thanks,

Mimi

> } > > if (action & IMA_MEASURE)
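Review bot: in the -301,6 +301,15 hunk the reset is guarded by `iint->digest_cache &&`, so a file whose first measurement or appraisal ran without a digest list (the `if (digest_cache)` test in the next hunk shows that digest_cache_get() can return NULL) keeps its IMA_DONE_MASK bits when a digest list later becomes available for it and is never re-verified against that list. If that is deliberate, the block's comment should say so; if not, the NULL case needs its own trigger. The comment should also state that the block clears every done bit and measured_pcrs, i.e. forces a full re-measurement and re-appraisal rather than a cache refresh, and that the later digest_cache_get() in this function is what re-acquires the reference it drops here.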
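Review bot: the comment `/* Released by ima_iint_free(). */` in the -371,8 +380,15 hunk is incomplete: the reference is also released by the new change-detection block at the top of this function, and ima_iint_free() itself is not touched by this patch, so name both release points in the comment or point at the patch in the series that adds the put to ima_iint_free(). Separately, when digest_cache_get() returns NULL the field stays NULL and the get is repeated on every access of that file; that is fine if the lookup is cheap, but deserves a one-line note since files outside any digest list are the common case.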
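Review bot: dropping digest_cache_put() in the -386,8 +402,6 hunk means the reference taken earlier in this function now lives as long as the iint, so nothing between the get and this point may overwrite or NULL iint->digest_cache without a put first; the only clearing visible in the patch (the new block at the top of process_measurement()) does put before NULLing, which is the right shape, but the invariant "iint->digest_cache set implies exactly one reference held" belongs in a comment at the field's declaration, which this patch does not show.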
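The ownership pattern the patch introduces, and the lifetime question raised in the reply above, modelled in userspace C. This is an added example, not kernel code and not part of the patch or the thread: the names iint, digest_cache, IMA_DONE_MASK and digest_cache_get/put/changed are taken from the hunks, while the struct layouts, the generation counter standing in for whatever digest_cache_changed() actually compares, the install_list() helper and the bit-flag scenario results are assumptions made for illustration.

```c
/* Added example, not kernel code: a userspace model of the reference-holding
 * pattern in the patch. Names mirror the patch (iint, digest_cache,
 * IMA_DONE_MASK, digest_cache_get/put/changed); the struct layouts, the
 * generation counter standing in for whatever digest_cache_changed() really
 * compares, and the inode model are assumptions made for illustration. */
#include <stdbool.h>
#include <stdlib.h>

#define IMA_MEASURED  0x01UL
#define IMA_APPRAISED 0x02UL
#define IMA_DONE_MASK (IMA_MEASURED | IMA_APPRAISED)

struct digest_cache { int refcount; unsigned int gen; bool *freed; };
struct inode { struct digest_cache *current; unsigned int gen; };
/* iint->digest_cache is a reference the iint owns until it puts it. */
struct ima_iint { unsigned long flags, measured_pcrs; struct digest_cache *digest_cache; };

/* NULL when the file has no digest list; otherwise takes a reference. */
static struct digest_cache *digest_cache_get(struct inode *inode)
{
	if (inode->current)
		inode->current->refcount++;
	return inode->current;
}

static void digest_cache_put(struct digest_cache *dc)
{
	if (dc && !--dc->refcount) {
		if (dc->freed) *dc->freed = true;	/* test hook: last reference is gone */
		free(dc);
	}
}

static bool digest_cache_changed(struct inode *inode, struct digest_cache *dc)
{
	return dc->gen != inode->gen;	/* assumption: generation compare */
}

/* One process_measurement() pass reduced to what the patch touches (the first
 * if-block is the one the patch adds). Returns true when the file was
 * (re)measured and (re)appraised rather than served from the cached verdict. */
static bool process_measurement(struct ima_iint *iint, struct inode *inode)
{
	if (iint->digest_cache && digest_cache_changed(inode, iint->digest_cache)) {
		iint->flags &= ~IMA_DONE_MASK;
		iint->measured_pcrs = 0;
		digest_cache_put(iint->digest_cache);
		iint->digest_cache = NULL;
	}
	if ((iint->flags & IMA_DONE_MASK) == IMA_DONE_MASK)
		return false;
	if (!iint->digest_cache)	/* the shape Mimi suggests for the get */
		iint->digest_cache = digest_cache_get(inode);
	/* digest_cache_lookup() would run here; only the verdict is modelled */
	iint->flags |= IMA_DONE_MASK;
	iint->measured_pcrs = 1UL << 10;
	return true;
}

/* Make list 'gen' (0 = none) current: the inode drops its reference to the
 * old list, but an iint still holding a reference keeps that list alive. */
static void install_list(struct inode *inode, unsigned int gen, bool *freed)
{
	struct digest_cache *old = inode->current, *dc = NULL;
	if (gen) {
		dc = calloc(1, sizeof(*dc));
		if (!dc)
			abort();
		dc->refcount = 1;	/* the inode's own reference */
		dc->gen = gen;
		dc->freed = freed;
	}
	inode->current = dc;
	inode->gen = gen;
	digest_cache_put(old);
}

enum { RAN_FIRST = 1, OLD_FREED_AFTER_SWAP = 2, RAN_SECOND = 4,
       OLD_FREED_AFTER_REACCESS = 8, RERAN_AFTER_LIST_APPEARED = 16 };

/* Scenario 1 (bits 1..8): measure, swap the list, watch when the old list is
 * freed. Scenario 2 (bit 16): first access with no list at all; the reset needs
 * a cached reference to compare, so a list that appears later changes nothing. */
static int run_scenarios(void)
{
	bool old_freed = false;
	struct inode inode = {0}, bare = {0};
	struct ima_iint iint = {0}, iint2 = {0};
	int r = 0;
	install_list(&inode, 1, &old_freed);
	r |= process_measurement(&iint, &inode) ? RAN_FIRST : 0;
	install_list(&inode, 2, NULL);
	r |= old_freed ? OLD_FREED_AFTER_SWAP : 0;	/* not set: iint pins it */
	r |= process_measurement(&iint, &inode) ? RAN_SECOND : 0;
	r |= old_freed ? OLD_FREED_AFTER_REACCESS : 0;
	digest_cache_put(iint.digest_cache);	/* as ima_iint_free() would */
	install_list(&inode, 0, NULL);

	process_measurement(&iint2, &bare);	/* verdict cached with no list */
	install_list(&bare, 1, NULL);
	r |= process_measurement(&iint2, &bare) ? RERAN_AFTER_LIST_APPEARED : 0;
	digest_cache_put(iint2.digest_cache);
	install_list(&bare, 0, NULL);
	return r;
}
```

Scenario 1 reproduces the cost the reply points out: after the list is swapped, the old list stays allocated until the file is next accessed, and that access re-measures and re-appraises because the reset cleared IMA_DONE_MASK. Scenario 2 shows that the reset cannot fire for a file that was first verified while it had no digest list, because there is no cached reference to compare. Comparing raw pointers instead of holding a reference, as the reply asks about, would need some other guarantee that the old list's address is neither freed nor reused between two accesses.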