git.maquefel.me Git - linux.git/commit

author	Tushar Sugandhi <tusharsu@linux.microsoft.com>
	Fri, 13 Aug 2021 21:38:00 +0000 (14:38 -0700)
committer	Mike Snitzer <snitzer@redhat.com>
	Fri, 20 Aug 2021 20:07:36 +0000 (16:07 -0400)
commit	33ace4ca125315d7f4f2b022bf6c83dfade8f9d8
tree	7d5ab7f941dc30f46344a1d71320e6443ff91f1e	tree \| snapshot
parent	f1cd6cb24b6b3cd95227e8016d092310a4015e96	commit \| diff

dm ima: update dm target attributes for ima measurements

Certain DM targets ('integrity', 'multipath', 'verity') need to update the
way their attributes are recorded in the ima log, so that the attestation
servers can interpret the data correctly and decide if the devices
meet the attestation requirements.  For instance, the "mode=%c" attribute
in the 'integrity' target is measured twice, the 'verity' target is
missing the attribute "root_hash_sig_key_desc=%s", and the 'multipath'
target needs to index the attributes properly.

Update 'integrity' target to remove the duplicate measurement of
the attribute "mode=%c".  Add "root_hash_sig_key_desc=%s" attribute
for the 'verity' target.  Index various attributes in 'multipath'
target.  Also, add "nr_priority_groups=%u" attribute to 'multipath'
target to record the number of priority groups.

Signed-off-by: Tushar Sugandhi <tusharsu@linux.microsoft.com>
Suggested-by: Thore Sommer <public@thson.de>
Signed-off-by: Mike Snitzer <snitzer@redhat.com>

drivers/md/dm-integrity.c		diff \| blob \| history
drivers/md/dm-mpath.c		diff \| blob \| history
drivers/md/dm-verity-target.c		diff \| blob \| history