dm ima: prefix ima event name related to device mapper with dm_

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

The event names for the DM events recorded in the ima log do not contain
any information to indicate the events are part of the DM devices/targets.

Prefix the event names for DM events with "dm_" to indicate that they
are part of device-mapper.

Signed-off-by: Tushar Sugandhi <tusharsu@linux.microsoft.com>
Suggested-by: Thore Sommer <public@thson.de>
Signed-off-by: Mike Snitzer <snitzer@redhat.com>

authored by

Tushar Sugandhi and committed by

Mike Snitzer 4 years ago 9c2adfa6 dc7b79cc

+10 -9

1 changed file

expand all

drivers

dm-ima.c

+10 -9

drivers/md/dm-ima.c

··· 192 192 * when prefixing the hash value with the hash algorithm name. e.g. sha256:<hash_value>. 193 193 */ 194 194 const size_t hash_alg_prefix_len = strlen(DM_IMA_TABLE_HASH_ALG) + 1; 195 + char table_load_event_name[] = "dm_table_load"; 195 196 196 197 ima_buf = dm_ima_alloc(DM_IMA_MEASUREMENT_BUF_LEN, GFP_KERNEL, noio); 197 198 if (!ima_buf) ··· 272 271 * targets by prefixing the device metadata again. 273 272 */ 274 273 if (unlikely(cur_total_buf_len >= DM_IMA_MEASUREMENT_BUF_LEN)) { 275 - dm_ima_measure_data("table_load", ima_buf, l, noio); 274 + dm_ima_measure_data(table_load_event_name, ima_buf, l, noio); 276 275 r = crypto_shash_update(shash, (const u8 *)ima_buf, l); 277 276 if (r < 0) 278 277 goto error; ··· 281 280 l = 0; 282 281 283 282 /* 284 - * Each new "table_load" entry in IMA log should have device data 285 - * prefix, so that multiple records from the same table_load for 283 + * Each new "dm_table_load" entry in IMA log should have device data 284 + * prefix, so that multiple records from the same "dm_table_load" for 286 285 * a given device can be linked together. 287 286 */ 288 287 memcpy(ima_buf + l, DM_IMA_VERSION_STR, table->md->ima.dm_version_str_len); ··· 293 292 294 293 /* 295 294 * If this iteration of the for loop turns out to be the last target 296 - * in the table, dm_ima_measure_data("table_load", ...) doesn't need 295 + * in the table, dm_ima_measure_data("dm_table_load", ...) doesn't need 297 296 * to be called again, just the hash needs to be finalized. 298 297 * "last_target_measured" tracks this state. 299 298 */ ··· 312 311 } 313 312 314 313 if (!last_target_measured) { 315 - dm_ima_measure_data("table_load", ima_buf, l, noio); 314 + dm_ima_measure_data(table_load_event_name, ima_buf, l, noio); 316 315 317 316 r = crypto_shash_update(shash, (const u8 *)ima_buf, l); 318 317 if (r < 0) ··· 461 460 memcpy(device_table_data + l, capacity_str, capacity_len); 462 461 l += capacity_len; 463 462 464 - dm_ima_measure_data("device_resume", device_table_data, l, noio); 463 + dm_ima_measure_data("dm_device_resume", device_table_data, l, noio); 465 464 466 465 kfree(dev_name); 467 466 kfree(dev_uuid); ··· 578 577 memcpy(device_table_data + l, capacity_str, capacity_len); 579 578 l += capacity_len; 580 579 581 - dm_ima_measure_data("device_remove", device_table_data, l, noio); 580 + dm_ima_measure_data("dm_device_remove", device_table_data, l, noio); 582 581 583 582 error: 584 583 kfree(device_table_data); ··· 659 658 memcpy(device_table_data + l, capacity_str, capacity_len); 660 659 l += capacity_len; 661 660 662 - dm_ima_measure_data("table_clear", device_table_data, l, noio); 661 + dm_ima_measure_data("dm_table_clear", device_table_data, l, noio); 663 662 664 663 if (new_map) { 665 664 if (md->ima.inactive_table.hash && ··· 734 733 "%s%snew_name=%s,new_uuid=%s;%s", DM_IMA_VERSION_STR, old_device_data, 735 734 new_dev_name, new_dev_uuid, capacity_str); 736 735 737 - dm_ima_measure_data("device_rename", combined_device_data, strlen(combined_device_data), 736 + dm_ima_measure_data("dm_device_rename", combined_device_data, strlen(combined_device_data), 738 737 noio); 739 738 740 739 goto exit;