diff options
| author | Tushar Sugandhi <tusharsu@linux.microsoft.com> | 2021-07-13 02:49:00 +0200 |
|---|---|---|
| committer | Mike Snitzer <snitzer@redhat.com> | 2021-08-10 19:34:22 +0200 |
| commit | 84010e519f95c863728e4b1d73cf93cda41ac00e (patch) | |
| tree | 359b62c7fe2d5e1f811463b267d6ce6182b09a63 /drivers/md/dm-ioctl.c | |
| parent | dm ima: measure data on device resume (diff) | |
| download | linux-84010e519f95c863728e4b1d73cf93cda41ac00e.tar.xz linux-84010e519f95c863728e4b1d73cf93cda41ac00e.zip | |
dm ima: measure data on device remove
Presence of an active block-device, configured with expected parameters,
is important for an external attestation service to determine if a system
meets the attestation requirements. Therefore it is important for DM to
measure the device remove events.
Measure device parameters and table hashes when the device is removed,
using either remove or remove_all.
Signed-off-by: Tushar Sugandhi <tusharsu@linux.microsoft.com>
Signed-off-by: Mike Snitzer <snitzer@redhat.com>
Diffstat (limited to 'drivers/md/dm-ioctl.c')
| -rw-r--r-- | drivers/md/dm-ioctl.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/drivers/md/dm-ioctl.c b/drivers/md/dm-ioctl.c index 100745cd8f01..59f99759cfec 100644 --- a/drivers/md/dm-ioctl.c +++ b/drivers/md/dm-ioctl.c @@ -348,6 +348,7 @@ retry: dm_sync_table(md); dm_table_destroy(t); } + dm_ima_measure_on_device_remove(md, true); dm_put(md); if (likely(keep_open_devices)) dm_destroy(md); @@ -982,6 +983,8 @@ static int dev_remove(struct file *filp, struct dm_ioctl *param, size_t param_si param->flags &= ~DM_DEFERRED_REMOVE; + dm_ima_measure_on_device_remove(md, false); + if (!dm_kobject_uevent(md, KOBJ_REMOVE, param->event_nr)) param->flags |= DM_UEVENT_GENERATED_FLAG; |