The existing device mapper IMA measurements only measure the table content on target creation. This is fine for targets that do not change their table during runtime, but some targets like verity use the table to display state changes. Those changes are not visible through the existing device mapper integration.

A new DM event "dm_target_update" is introduced for targets to remeasure their table entry. This event is intended to be used by targets that change their table entries to indicate potentially security-relevant information. This allows for a more complete Remote Attestation of device mapper targets.

One example use case is to verify the verity-protected root filesystem using Remote Attestation via IMA. This was not possible before because the corruption is only detected during runtime and not when the table is loaded. Keylime [1] has experimental support for validating this event, but it has to be enabled manually.

Changes since RFC patch set [2]:
- Added suggested changes from Lakshmi
- rewrote target index calculation and removed unnecessary NULL check
- rewrote verity integration to be more readable
- Added more detailed description to the individual commit messages

[1] https://keylime.dev/
[2] https://lore.kernel.org/linux-integrity/20220106203436.281629-1-public@xxxxxxxx/T/

Thore Sommer (3):
  dm ima: allow targets to remeasure their table entry
  dm verity: add support for IMA target update event
  dm ima: add documentation target update event

 .../admin-guide/device-mapper/dm-ima.rst | 33 +++++++++
 drivers/md/dm-ima.c                      | 70 +++++++++++++++++++
 drivers/md/dm-ima.h                      |  2 +
 drivers/md/dm-verity-target.c            | 10 ++-
 4 files changed, 113 insertions(+), 2 deletions(-)

-- 
2.36.0
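The cover letter describes the verifier side only in passing (Keylime validates the new event). As an added illustration, not code from this series or from Keylime, the following Python sketches what a remote-attestation verifier does with the event: it walks an IMA measurement log in order, remembers the last dm_table_load measurement per device, and reports any dm_target_update that follows it, together with the fields that changed. It assumes the ascii_runtime_measurements layout for the ima-buf template ("<pcr> <template-hash> ima-buf <alg>:<hash> <event-name> <hex-buffer>"), that the buffer is a key=value list separated by ';' and ',' with a "name=" field identifying the device, as the existing dm-ima events use, and the sample log lines (hashes, device names, the "target_data" values) are constructed here; the exact fields that dm_target_update emits for verity are those documented in the series' dm-ima.rst, not the placeholders below.

```python
"""Verifier-side check for dm_target_update events in an IMA log.

Added example, not part of the dm-ima patch series or of Keylime.
Assumptions (see lead-in): ima-buf line layout, ';'/',' separated
key=value buffer with a "name=" field, constructed sample lines.
"""
import binascii
from dataclasses import dataclass, field


@dataclass
class ImaBufEvent:
    pcr: int
    event: str                 # e.g. dm_table_load, dm_target_update
    fields: dict = field(default_factory=dict)


def parse_kv_buffer(raw: str) -> dict:
    """Split 'k=v,k=v;k=v' into a dict; both ',' and ';' are accepted as
    separators (assumption about the dm-ima buffer layout)."""
    out = {}
    for part in raw.replace(';', ',').split(','):
        if '=' in part:
            key, value = part.split('=', 1)
            out[key.strip()] = value.strip()
    return out


def parse_ima_buf_line(line: str):
    """Return an ImaBufEvent for an ima-buf line, None for other templates."""
    cols = line.split()
    if len(cols) < 6 or cols[2] != 'ima-buf':
        return None
    pcr, _template_hash, _template, _file_hash, event, hexbuf = cols[:6]
    raw = binascii.unhexlify(hexbuf).decode('ascii', errors='replace')
    return ImaBufEvent(int(pcr), event, parse_kv_buffer(raw))


def target_updates(lines):
    """For every dm_target_update, report (device name, {key: (old, new)})
    relative to that device's most recent dm_table_load measurement."""
    last_load = {}
    findings = []
    for line in lines:
        ev = parse_ima_buf_line(line)
        if ev is None or 'name' not in ev.fields:
            continue
        name = ev.fields['name']
        if ev.event == 'dm_table_load':
            last_load[name] = ev.fields
        elif ev.event == 'dm_target_update':
            base = last_load.get(name, {})
            changed = {k: (base.get(k), v) for k, v in ev.fields.items()
                       if base.get(k) != v}
            findings.append((name, changed))
    return findings


def device_is_clean(lines, name):
    """True only when `name` was measured at table load and no
    dm_target_update for it followed, i.e. the target never asked
    to be remeasured at runtime."""
    state = None
    for line in lines:
        ev = parse_ima_buf_line(line)
        if ev is None or ev.fields.get('name') != name:
            continue
        if ev.event == 'dm_table_load':
            state = 'loaded'
        elif ev.event == 'dm_target_update':
            state = 'updated'
    return state == 'loaded'


def make_line(event, buf, pcr=10):
    """Build a constructed ima-buf log line; hashes are placeholders."""
    return f"{pcr} {'0' * 40} ima-buf sha256:{'0' * 64} {event} {buf.encode().hex()}"


# Constructed sample log: 'root' is remeasured at runtime, 'data' is not.
SAMPLE_LOG = [
    make_line('dm_table_load',
              'dm_version=4.45.0;name=root,uuid=CRYPT-VERITY-root,major=253,minor=0,'
              'minor_count=1,num_targets=1;target_index=0,target_begin=0,'
              'target_len=1000,target_name=verity,target_data=verity_state_ok;'),
    make_line('dm_table_load',
              'dm_version=4.45.0;name=data,uuid=CRYPT-LINEAR-data,major=253,minor=1,'
              'minor_count=1,num_targets=1;target_index=0,target_begin=0,'
              'target_len=2000,target_name=linear,target_data=constructed;'),
    make_line('dm_target_update',
              'dm_version=4.45.0;name=root,uuid=CRYPT-VERITY-root,major=253,minor=0,'
              'minor_count=1,num_targets=1;target_index=0,target_begin=0,'
              'target_len=1000,target_name=verity,target_data=verity_state_corrupted;'),
]

if __name__ == '__main__':
    for dev, changed in target_updates(SAMPLE_LOG):
        print(f"{dev}: remeasured at runtime, changed fields: {changed}")
    for dev in ('root', 'data'):
        print(f"{dev}: clean={device_is_clean(SAMPLE_LOG, dev)}")
```

A real verifier would additionally replay the template hashes against the quoted PCR, exactly as it does for the existing dm events; the point here is only that a dm_target_update after the last dm_table_load is the signal that the table entry, and with it the target's state, changed after loading, which the cover letter identifies as the case the old measurements could not express.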