Use jiffies64 interface to set measure interval

2023-09-14 14:26:16 +08:00 · 2023-09-14 14:26:16 +08:00 · 1cb54c412c
commit 1cb54c412c
parent 5c41d39041
2 changed files with 109 additions and 1 deletions
--- a/Use-jiffies64-interface-to-set-measure-interval.patch
+++ b/Use-jiffies64-interface-to-set-measure-interval.patch
@ -0,0 +1,104 @@
 From b401815cca8d7d8beddba4726ccafee047f05205 Mon Sep 17 00:00:00 2001
 From: Huaxin Lu <luhuaxin1@huawei.com>
 Date: Thu, 14 Sep 2023 14:22:10 +0800
 Subject: [PATCH] Use jiffies64 interface to set measure interval
 The max measure interval is designed to 1 year. So using
 msecs_to_jeffies may cause a overflow.
 Signed-off-by: Huaxin Lu <luhuaxin1@huawei.com>
 ---
 src/core/dim_core_measure.c | 39 ++++++++++++++++++++++++-------------
 src/core/dim_core_measure.h |  3 ++-
 2 files changed, 27 insertions(+), 15 deletions(-)
 diff --git a/src/core/dim_core_measure.c b/src/core/dim_core_measure.c
 index e0042eb..59e2cf8 100644
 --- a/src/core/dim_core_measure.c
 +++ b/src/core/dim_core_measure.c
@@ -36,7 +36,7 @@ bool tampered_action = false;
 /* time (jiffies) to set */
 unsigned long measure_schedule_jiffies = 0;
 -static atomic_t measure_interval_jiffies = ATOMIC_INIT(0);
 +static unsigned long measure_interval_jiffies = 0;
 struct dim_tpm dim_core_tpm = { 0 };
 struct dim_hash dim_core_hash = { 0 };
@@ -52,27 +52,38 @@ long dim_core_interval_get(void)
 	return p;
 }
 -int dim_core_interval_set(unsigned int p)
 +unsigned long dim_core_interval_jiffies_get(void)
 {
 -	unsigned long p_jiffies = 0;
 +	unsigned long p = 0;
 -	if (p > DIM_INTERVAL_MAX)
 -		return -ERANGE;
 +	mutex_lock(&dim_core_interval_lock);
 +	p = measure_interval_jiffies;
 +	mutex_unlock(&dim_core_interval_lock);
 +	return p;
 +}
 +
 +int dim_core_interval_set(unsigned int min)
 +{
 +	unsigned long min_jiffies = 0;
 -	p_jiffies = msecs_to_jiffies(p * DIM_MINUTE_TO_MSEC);
 -	if (p_jiffies == MAX_JIFFY_OFFSET)
 +	if (min > DIM_INTERVAL_MAX ||
 +	    (unsigned long)min * DIM_MINUTE_TO_SEC > MAX_SEC_IN_JIFFIES)
 		return -ERANGE;
 +	min_jiffies = (min == 0) ? 0 :
 +		nsecs_to_jiffies64((unsigned long)min * DIM_MINUTE_TO_NSEC);
 +
 	mutex_lock(&dim_core_interval_lock);
 -	measure_interval = p;
 -	atomic_set(&measure_interval_jiffies, p_jiffies);
 -	if (p_jiffies == 0) {
 +	measure_interval = min;
 +	measure_interval_jiffies = min_jiffies;
 +	if (measure_interval == 0) {
 		dim_info("cancel dim timed measure work");
 		cancel_delayed_work_sync(&dim_measure_work);
 	} else {
 -		dim_info("modify dim measure interval to %u min (jittfies = %lu)",
 -			p, p_jiffies);
 -		mod_delayed_work(dim_work_queue, &dim_measure_work, p_jiffies);
 +		dim_info("modify dim measure interval to %u min "
 +			 "(jittfies = 0x%lx)", min, min_jiffies);
 +		mod_delayed_work(dim_work_queue, &dim_measure_work,
 +				 min_jiffies);
 	}
 	mutex_unlock(&dim_core_interval_lock);
@@ -154,7 +165,7 @@ static void dim_worker_work_cb(struct work_struct *work)
 	unsigned long p;
 	do_measure();
 -	p = atomic_read(&measure_interval_jiffies);
 +	p = dim_core_interval_jiffies_get();
 	if (p != 0)
 		queue_delayed_work(dim_work_queue, &dim_measure_work, p);
 }
 diff --git a/src/core/dim_core_measure.h b/src/core/dim_core_measure.h
 index c9f0647..c9abc4e 100644
 --- a/src/core/dim_core_measure.h
 +++ b/src/core/dim_core_measure.h
@@ -9,7 +9,8 @@
 /* max measure interval = 1 year */
 #define DIM_INTERVAL_MAX (365 * 24 * 60)
 -#define DIM_MINUTE_TO_MSEC (60 * 1000)
 +#define DIM_MINUTE_TO_SEC (60UL)
 +#define DIM_MINUTE_TO_NSEC (60UL * 1000 * 1000 * 1000)
 /* max number of kill tasks */
 #define DIM_KILL_TASKS_MAX (1024)
 /* limit of measure parameter */
 -- 
 2.33.0
--- a/dim.spec
+++ b/dim.spec
@ -4,13 +4,14 @@
 Name         :  dim
 Summary      :  Dynamic Integrity Measurement
 Version      :  1.0.2
-Release      :  2
+Release      :  3
 License      :  GPL-2.0
 Source0      :  %{name}-v%{version}.tar.gz
 BuildRequires:  kernel-devel kernel-headers
 Requires     :  kernel
 Patch0001:      Limit-the-max-line-number-of-policy-and-baseline-par.patch
 Patch0002:      Use-jiffies64-interface-to-set-measure-interval.patch
 %description
 Dynamic Integrity Measurement
@ -49,6 +50,9 @@ rm -rf %{buildroot}
 %attr(0400,root,root) /lib/modules/%{kernel_version}/extra/dim/dim_monitor.ko
 %changelog
 * Fri Sep 15 2023 luhuaxin <luhuaxin1@huawei.com> 1.0.2-3
 - Use jiffies64 interface to set measure interval
 * Thu Sep 14 2023 luhuaxin <luhuaxin1@huawei.com> 1.0.2-2
 - Limit the max line number of policy and baseline parsing