packages/dim
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Use jiffies64 interface to set measure interval

Browse Source
This commit is contained in:
Huaxin Lu 2023-09-14 14:26:16 +08:00
parent 5c41d39041
commit 1cb54c412c
2 changed files with 109 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

104
Use-jiffies64-interface-to-set-measure-interval.patch Normal file
View File

@ -0,0 +1,104 @@
From b401815cca8d7d8beddba4726ccafee047f05205 Mon Sep 17 00:00:00 2001
From: Huaxin Lu <luhuaxin1@huawei.com>
Date: Thu, 14 Sep 2023 14:22:10 +0800
Subject: [PATCH] Use jiffies64 interface to set measure interval
The max measure interval is designed to 1 year. So using
msecs_to_jeffies may cause a overflow.
Signed-off-by: Huaxin Lu <luhuaxin1@huawei.com>
---
src/core/dim_core_measure.c | 39 ++++++++++++++++++++++++-------------
src/core/dim_core_measure.h | 3 ++-
2 files changed, 27 insertions(+), 15 deletions(-)
diff --git a/src/core/dim_core_measure.c b/src/core/dim_core_measure.c
index e0042eb..59e2cf8 100644
--- a/src/core/dim_core_measure.c
+++ b/src/core/dim_core_measure.c
@@ -36,7 +36,7 @@ bool tampered_action = false;
/* time (jiffies) to set */
unsigned long measure_schedule_jiffies = 0;
-static atomic_t measure_interval_jiffies = ATOMIC_INIT(0);
+static unsigned long measure_interval_jiffies = 0;
struct dim_tpm dim_core_tpm = { 0 };
struct dim_hash dim_core_hash = { 0 };
@@ -52,27 +52,38 @@ long dim_core_interval_get(void)
return p;
}
-int dim_core_interval_set(unsigned int p)
+unsigned long dim_core_interval_jiffies_get(void)
{
- unsigned long p_jiffies = 0;
+ unsigned long p = 0;
- if (p > DIM_INTERVAL_MAX)
- return -ERANGE;
+ mutex_lock(&dim_core_interval_lock);
+ p = measure_interval_jiffies;
+ mutex_unlock(&dim_core_interval_lock);
+ return p;
+}
+
+int dim_core_interval_set(unsigned int min)
+{
+ unsigned long min_jiffies = 0;
- p_jiffies = msecs_to_jiffies(p * DIM_MINUTE_TO_MSEC);
- if (p_jiffies == MAX_JIFFY_OFFSET)
+ if (min > DIM_INTERVAL_MAX ||
+ (unsigned long)min * DIM_MINUTE_TO_SEC > MAX_SEC_IN_JIFFIES)
return -ERANGE;
+ min_jiffies = (min == 0) ? 0 :
+ nsecs_to_jiffies64((unsigned long)min * DIM_MINUTE_TO_NSEC);
+
mutex_lock(&dim_core_interval_lock);
- measure_interval = p;
- atomic_set(&measure_interval_jiffies, p_jiffies);
- if (p_jiffies == 0) {
+ measure_interval = min;
+ measure_interval_jiffies = min_jiffies;
+ if (measure_interval == 0) {
dim_info("cancel dim timed measure work");
cancel_delayed_work_sync(&dim_measure_work);
} else {
- dim_info("modify dim measure interval to %u min (jittfies = %lu)",
- p, p_jiffies);
- mod_delayed_work(dim_work_queue, &dim_measure_work, p_jiffies);
+ dim_info("modify dim measure interval to %u min "
+ "(jittfies = 0x%lx)", min, min_jiffies);
+ mod_delayed_work(dim_work_queue, &dim_measure_work,
+ min_jiffies);
}
mutex_unlock(&dim_core_interval_lock);
@@ -154,7 +165,7 @@ static void dim_worker_work_cb(struct work_struct *work)
unsigned long p;
do_measure();
- p = atomic_read(&measure_interval_jiffies);
+ p = dim_core_interval_jiffies_get();
if (p != 0)
queue_delayed_work(dim_work_queue, &dim_measure_work, p);
}
diff --git a/src/core/dim_core_measure.h b/src/core/dim_core_measure.h
index c9f0647..c9abc4e 100644
--- a/src/core/dim_core_measure.h
+++ b/src/core/dim_core_measure.h
@@ -9,7 +9,8 @@
/* max measure interval = 1 year */
#define DIM_INTERVAL_MAX (365 * 24 * 60)
-#define DIM_MINUTE_TO_MSEC (60 * 1000)
+#define DIM_MINUTE_TO_SEC (60UL)
+#define DIM_MINUTE_TO_NSEC (60UL * 1000 * 1000 * 1000)
/* max number of kill tasks */
#define DIM_KILL_TASKS_MAX (1024)
/* limit of measure parameter */
--
2.33.0

6
dim.spec
View File

@ -4,13 +4,14 @@
Name : dim
Summary : Dynamic Integrity Measurement
Version : 1.0.2
Release : 2
Release : 3
License : GPL-2.0
Source0 : %{name}-v%{version}.tar.gz
BuildRequires: kernel-devel kernel-headers
Requires : kernel
Patch0001: Limit-the-max-line-number-of-policy-and-baseline-par.patch
Patch0002: Use-jiffies64-interface-to-set-measure-interval.patch
%description
Dynamic Integrity Measurement
@ -49,6 +50,9 @@ rm -rf %{buildroot}
%attr(0400,root,root) /lib/modules/%{kernel_version}/extra/dim/dim_monitor.ko
%changelog
* Fri Sep 15 2023 luhuaxin <luhuaxin1@huawei.com> 1.0.2-3
- Use jiffies64 interface to set measure interval
* Thu Sep 14 2023 luhuaxin <luhuaxin1@huawei.com> 1.0.2-2
- Limit the max line number of policy and baseline parsing