Re: ima-evm-utils: library version

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Btw,

On Wed, Jul 24, 2019 at 08:28:01PM +0300, Vitaly Chikunov wrote:
> On Wed, Jul 24, 2019 at 08:51:38AM -0400, Mimi Zohar wrote:
> > 
> > In preparing the ima-evm-utils v1.2 release, I noticed that the
> > library version was never updated.  It is still "0.0.0".  Should I set
> > it to something?  If so, what versioning scheme do you recommend -
> > using the libtool current[:revision[:age]], prepending the release
> > version on the .so, or suffixing the release version on the .so?
> 
> libtool rules should be followed:
> 
>   https://www.gnu.org/software/libtool/manual/html_node/Updating-version-info.html
> 
> I think you should change 0.0.0 to 1.0.0 just before release. Since we are
> changed ABI of calc_keyid_v2 (RSA *key -> EVP_PKEY *pkey). (There is also
> changes to read_pub_pkey and get_filesize.)

Speaking about ABI:

   src/ima-evm-utils (tests)$ readelf --dyn-syms src/.libs/libimaevm.so | egrep -vw 'UND|_edata|_fini|_init|_end|__bss_start'
   Num:    Value          Size Type    Bind   Vis      Ndx Name
    74: 0000000000003bf6  1047 FUNC    GLOBAL DEFAULT   12 sign_hash_v1
    75: 0000000000002c5b   783 FUNC    GLOBAL DEFAULT   12 read_pub_pkey
    77: 000000000000400d   836 FUNC    GLOBAL DEFAULT   12 sign_hash_v2
    78: 0000000000004351    56 FUNC    GLOBAL DEFAULT   12 sign_hash
    81: 0000000000003795   198 FUNC    GLOBAL DEFAULT   12 key2bin
    83: 00000000000025f3  1640 FUNC    GLOBAL DEFAULT   12 ima_calc_hash
    84: 0000000000003204   232 FUNC    GLOBAL DEFAULT   12 get_hash_algo
    85: 00000000000032ec   836 FUNC    GLOBAL DEFAULT   12 verify_hash
    87: 0000000000003630   357 FUNC    GLOBAL DEFAULT   12 ima_verify_signature
    88: 000000000000385b   204 FUNC    GLOBAL DEFAULT   12 calc_keyid_v1
    89: 0000000000205d20   144 OBJECT  GLOBAL DEFAULT   20 hash_algo_name
    90: 0000000000003927   308 FUNC    GLOBAL DEFAULT   12 calc_keyid_v2
    91: 0000000000002566    34 FUNC    GLOBAL DEFAULT   12 dump
    92: 0000000000003a5b   411 FUNC    GLOBAL DEFAULT   12 init_public_keys
    93: 0000000000205c80   160 OBJECT  GLOBAL DEFAULT   20 pkey_hash_algo
    94: 00000000002062c0    32 OBJECT  GLOBAL DEFAULT   24 params
    95: 0000000000205be0   160 OBJECT  GLOBAL DEFAULT   20 pkey_hash_algo_kern
    96: 0000000000002588   107 FUNC    GLOBAL DEFAULT   12 get_hash_algo_by_id
    97: 0000000000002f6a   113 FUNC    GLOBAL DEFAULT   12 read_pub_key
    98: 0000000000002509    93 FUNC    GLOBAL DEFAULT   12 do_dump

This looks not very good. Names like `dump', `do_dump', `params' aren't good
for public ABI. And should be prefixed, or removed. Probably, some (or all)
others too. Prefix could be something like `ima_', like in `ima_calc_hash'.

Thanks,
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux Kernel]     [Linux Kernel Hardening]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux SCSI]

  Powered by Linux