From: Stefan Berger <stefanb@linux.ibm.com>
To: Mimi Zohar <zohar@linux.ibm.com>, linux-integrity@vger.kernel.org
Cc: roberto.sassu@huawei.com, Petr Vorel <pvorel@suse.cz>
Subject: Re: [PATCH 2/2] ima: limit the number of ToMToU integrity violations
Date: Thu, 20 Feb 2025 10:24:34 -0500 [thread overview]
Message-ID: <c7b2536d-2217-4f51-839b-23742bee9ea7@linux.ibm.com> (raw)
In-Reply-To: <20250219162131.416719-3-zohar@linux.ibm.com>
On 2/19/25 11:21 AM, Mimi Zohar wrote:
> Each time a file in policy, that is already opened for read, is opened
> for write a Time-of-Measure-Time-of-Use (ToMToU) integrity violation
> audit message is emitted and a violation record is added to the IMA
> measurement list, even if a ToMToU violation has already been recorded.
>
> Limit the number of ToMToU integrity violations for an existing file
> open for read.
>
> Note: The IMA_MUST_MEASURE atomic flag must be set from the reader side
> based on policy. This may result in a per open reader additional ToMToU
> violation.
>
> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Tested-by: Stefan Berger <stefanb@linux.ibm.com>
> ---
> security/integrity/ima/ima_main.c | 5 +++--
> 1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
> index cde3ae55d654..f1671799a11b 100644
> --- a/security/integrity/ima/ima_main.c
> +++ b/security/integrity/ima/ima_main.c
> @@ -129,9 +129,10 @@ static void ima_rdwr_violation_check(struct file *file,
> if (atomic_read(&inode->i_readcount) && IS_IMA(inode)) {
> if (!iint)
> iint = ima_iint_find(inode);
> +
> /* IMA_MEASURE is set from reader side */
> - if (iint && test_bit(IMA_MUST_MEASURE,
> - &iint->atomic_flags))
> + if (iint && test_and_clear_bit(IMA_MUST_MEASURE,
> + &iint->atomic_flags))
> send_tomtou = true;
> }
> } else {
next prev parent reply other threads:[~2025-02-20 15:24 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-02-19 16:21 [PATCH 0/2] ima: limit both open-writers and ToMToU violations Mimi Zohar
2025-02-19 16:21 ` [PATCH 1/2] ima: limit the number of open-writers integrity violations Mimi Zohar
2025-02-20 15:24 ` Stefan Berger
2025-02-20 18:26 ` Petr Vorel
2025-02-21 8:18 ` Petr Vorel
2025-02-21 16:56 ` Roberto Sassu
2025-02-19 16:21 ` [PATCH 2/2] ima: limit the number of ToMToU " Mimi Zohar
2025-02-20 15:24 ` Stefan Berger [this message]
2025-02-20 18:27 ` Petr Vorel
2025-02-21 8:18 ` Petr Vorel
2025-02-21 17:36 ` Roberto Sassu
2025-02-26 19:19 ` Mimi Zohar
2025-02-27 8:34 ` Roberto Sassu
2025-02-21 16:49 ` [PATCH 0/2] ima: limit both open-writers and ToMToU violations Roberto Sassu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=c7b2536d-2217-4f51-839b-23742bee9ea7@linux.ibm.com \
--to=stefanb@linux.ibm.com \
--cc=linux-integrity@vger.kernel.org \
--cc=pvorel@suse.cz \
--cc=roberto.sassu@huawei.com \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox