dm ima: add a warning in dm_init if duplicate ima events are not measured

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

The end-users of DM devices/targets may remove and re-create the same
device multiple times. IMA does not measure such duplicate events if the
configuration CONFIG_IMA_DISABLE_HTABLE is set to 'n'.
To avoid confusion, the end-users need some indication on the client
if that configuration option is disabled.

Add a one-time warning during dm_init() if CONFIG_IMA_DISABLE_HTABLE
is set to 'n', to notify the end-users that duplicate events will not
be measured in the ima log. Also cleanup some whitespace in dm_init().

Signed-off-by: Tushar Sugandhi <tusharsu@linux.microsoft.com>
Signed-off-by: Mike Snitzer <snitzer@redhat.com>

authored by

Tushar Sugandhi and committed by

Mike Snitzer 4 years ago f1cd6cb2 9c2adfa6

+6 -3

1 changed file

expand all

drivers

dm.c

+6 -3

drivers/md/dm.c

··· 262 262 static int __init dm_init(void) 263 263 { 264 264 const int count = ARRAY_SIZE(_inits); 265 - 266 265 int r, i; 266 + 267 + #if (IS_ENABLED(CONFIG_IMA) && !IS_ENABLED(CONFIG_IMA_DISABLE_HTABLE)) 268 + DMWARN("CONFIG_IMA_DISABLE_HTABLE is disabled." 269 + " Duplicate IMA measurements will not be recorded in the IMA log."); 270 + #endif 267 271 268 272 for (i = 0; i < count; i++) { 269 273 r = _inits[i](); ··· 276 272 } 277 273 278 274 return 0; 279 - 280 - bad: 275 + bad: 281 276 while (i--) 282 277 _exits[i](); 283 278