Re: [PATCH v4 2/2] IMA: Call workqueue functions to measure queued keys

From: Mimi Zohar
Date: Mon Dec 16 2019 - 08:05:31 EST

Next message: Maxime Ripard: "Re: [PATCH] drm/panel: simple: Support reset GPIOs"
Previous message: Thomas, Rijo-john: "Re: [RFC PATCH v3 0/4] TEE driver for AMD APUs"
In reply to: James Bottomley: "Re: [PATCH v4 2/2] IMA: Call workqueue functions to measure queued keys"
Next in thread: Lakshmi Ramasubramanian: "Re: [PATCH v4 2/2] IMA: Call workqueue functions to measure queued keys"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 2019-12-16 at 15:53 +0900, James Bottomley wrote:
> That doesn't matter ... the question is, is the input assumption that
> both pre/post have to be called or neither must correct? If so, the
> code is wrong, if not, explain why.

Thanks, James, for looking at the locking.

"ima_process_keys" is set once. ÂOnce it is set, the keys are measured
immediately. ÂFor performance to avoid taking the mutex, both the
reader and writer check "ima_process_keys" twice, once without taking
the lock and, again, after taking the lock. ÂBased on the second test,
the reader queues the "key" or not. ÂRefer to ima_queue_key().

The latest patch version sets "ima_process_keys" after taking the
lock. ÂWith this change, the comment in ima_process_queued_keys() is
now correct. ÂWe're now guaranteed to process the queued "keys" just
once and not drop any "key" measurements.

I hope this answers your question.

Mimi

Next message: Maxime Ripard: "Re: [PATCH] drm/panel: simple: Support reset GPIOs"
Previous message: Thomas, Rijo-john: "Re: [RFC PATCH v3 0/4] TEE driver for AMD APUs"
In reply to: James Bottomley: "Re: [PATCH v4 2/2] IMA: Call workqueue functions to measure queued keys"
Next in thread: Lakshmi Ramasubramanian: "Re: [PATCH v4 2/2] IMA: Call workqueue functions to measure queued keys"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]