On Mon, 2020-11-23 at 18:18 +0100, Pavel Machek wrote: > > > Basically every other data structure in kernel is "critical" by your > > > definition, and you can't really measure them all; some of them change > > > rather often. Going piecemeal does not really help here. > > > > Agreed, measuring data structures that change is not really applicable. > > However, measuring data structures that once initialized don't change, > > does make sense (similar concept to __ro_after_init). The attestation > > server doesn't need to know anything about the measurement, other than > > more than a single measurement is indicative of a problem. > > So, why not simply measure everything that is ro_after_init? I guess we could, but the original discussion, a long time ago prior to LSM stacking, was limited to measuring the LSM hooks. Mimi -- dm-devel mailing list dm-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/dm-devel
