Re: [dm-devel] [PATCH 0/7] device mapper target measurements using IMA

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Thore,

On 7/27/21 1:33 PM, Alasdair G Kergon wrote:

Creating a dm-verity device with mount then removing it and now if you create it
again no measurement is generated. Is that the expected behavior?

Each of the relevant dm ioctls should be logged separately each time.  If that's
not happening it might need fixing.


Most likely this is because you haven't set CONFIG_IMA_DISABLE_HTABLE=y.

See "IMA: support for duplicate measurement records" [1] for details.

Please let us know if you still see this behavior after setting
CONFIG_IMA_DISABLE_HTABLE=y.

Thanks,
Tushar
[1] https://github.com/torvalds/linux/commit/52c208397c246f0c31d031eb8c41f9c7e9fdec0e
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux Kernel]     [Linux Kernel Hardening]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux SCSI]

  Powered by Linux