diff options
| author | Alasdair G Kergon <agk@redhat.com> | 2021-07-13 02:06:04 +0100 |
|---|---|---|
| committer | Zdenek Kabelac <zkabelac@redhat.com> | 2021-09-23 16:49:28 +0200 |
| commit | f853a1bc7afdebb44aeb8c1167e8784d155cad84 (patch) | |
| tree | 7a0dc6851ae0527d5843a20b012dddf84a389ede /libdm/ioctl | |
| parent | 707e7d762e2668af308457fd6d8b8375e18b0207 (diff) | |
| download | lvm2-f853a1bc7afdebb44aeb8c1167e8784d155cad84.tar.gz | |
libdm: dmsetup measure support for IMA
Add support for DM_IMA_MEASUREMENT_FLAG with
DM_TABLE_STATUS_CMD.
This feature requires DM version 4.45 (5.15+ kernels)
Diffstat (limited to 'libdm/ioctl')
| -rw-r--r-- | libdm/ioctl/libdm-iface.c | 19 | ||||
| -rw-r--r-- | libdm/ioctl/libdm-targets.h | 1 |
2 files changed, 19 insertions, 1 deletions
diff --git a/libdm/ioctl/libdm-iface.c b/libdm/ioctl/libdm-iface.c index d8f1c389d..28589a15c 100644 --- a/libdm/ioctl/libdm-iface.c +++ b/libdm/ioctl/libdm-iface.c @@ -929,6 +929,13 @@ int dm_task_secure_data(struct dm_task *dmt) return 1; } +int dm_task_ima_measurement(struct dm_task *dmt) +{ + dmt->ima_measurement = 1; + + return 1; +} + int dm_task_retry_remove(struct dm_task *dmt) { dmt->retry_remove = 1; @@ -1288,6 +1295,14 @@ static struct dm_ioctl *_flatten(struct dm_task *dmt, unsigned repeat_count) } dmi->flags |= DM_UUID_FLAG; } + if (dmt->ima_measurement) { + if (_dm_version_minor < 45) { + log_error("WARNING: IMA measurement unsupported by " + "kernel. Aborting operation."); + goto bad; + } + dmi->flags |= DM_IMA_MEASUREMENT_FLAG; + } dmi->target_count = count; dmi->event_nr = dmt->event_nr; @@ -1489,6 +1504,7 @@ static int _create_and_load_v4(struct dm_task *dmt) task->head = dmt->head; task->tail = dmt->tail; task->secure_data = dmt->secure_data; + task->ima_measurement = dmt->ima_measurement; r = dm_task_run(task); @@ -1877,7 +1893,7 @@ static struct dm_ioctl *_do_dm_ioctl(struct dm_task *dmt, unsigned command, } log_debug_activation("dm %s %s%s %s%s%s %s%.0d%s%.0d%s" - "%s[ %s%s%s%s%s%s%s%s%s] %.0" PRIu64 " %s [%u] (*%u)", + "%s[ %s%s%s%s%s%s%s%s%s%s] %.0" PRIu64 " %s [%u] (*%u)", _cmd_data_v4[dmt->type].name, dmt->new_uuid ? "UUID " : "", dmi->name, dmi->uuid, dmt->newname ? " " : "", @@ -1895,6 +1911,7 @@ static struct dm_ioctl *_do_dm_ioctl(struct dm_task *dmt, unsigned command, dmt->retry_remove ? "retryremove " : "", dmt->deferred_remove ? "deferredremove " : "", dmt->secure_data ? "securedata " : "", + dmt->ima_measurement ? "ima_measurement " : "", dmt->query_inactive_table ? "inactive " : "", dmt->enable_checks ? "enablechecks " : "", dmt->sector, _sanitise_message(dmt->message), diff --git a/libdm/ioctl/libdm-targets.h b/libdm/ioctl/libdm-targets.h index 294210d2b..022b02c72 100644 --- a/libdm/ioctl/libdm-targets.h +++ b/libdm/ioctl/libdm-targets.h @@ -69,6 +69,7 @@ struct dm_task { int enable_checks; int expected_errno; int ioctl_errno; + int ima_measurement; int record_timestamp; |