On Wed, Jan 8, 2020 at 1:18 PM Janne Karhunen <janne.karhunen@xxxxxxxxx> wrote: > > Some systems can end up carrying lots of entries in the ima > measurement list. Since every entry is using a bit of kernel > memory, allow the sysadmin to export the measurement list to > the filesystem to free up some memory. Hopefully this addressed comments from everyone. The flush event can now be triggered by the admin anytime and unique file names can be used for each flush (log.1, log.2, ...) etc, so getting to the correct item should be easy. While it can now be argued that since this is an admin-driven event, kernel does not need to write the file. However, the intention is to bring out a second patch a bit later that adds a variable to define the max number of entries to be kept in the kernel memory and workqueue based automatic flushing. In those cases the kernel has to be able to write the file without any help from the admin.. -- Janne
