[systemd-devel] Revert commit "ima-setup: simplify"

Patrick Ohly patrick.ohly at intel.com
Mon Jun 1 11:50:46 PDT 2015


On Mon, 2015-06-01 at 10:05 -0400, Mimi Zohar wrote:
> On Mon, 2015-06-01 at 14:02 +0000, Zbigniew Jędrzejewski-Szmek wrote:
> > On Mon, Jun 01, 2015 at 08:57:57AM -0400, Mimi Zohar wrote:
> > > The original systemd IMA module loaded the IMA policy by mmaping the
> > > file into memory and then writing the entire file to
> > > <securityfs>/ima/policy.  By changing this behavior of writing the
> > > entire file, commit 4dfb18922d5d "ima-setup: simplify" broke IMA
> > > policy loading.
> > > 
> > > Please revert commit 4dfb18922d5d1efb13ee459cbf23832277f85ed7 and the
> > > related hunk from commit 7430ec6ac08f2c0416d9f806964c46b30f3862b2.
> > I'm pretty sure that whether the input file was mmaped or read using
> > read() cannot influence the result. The difference must come from the
> > way that the output file is written. Current code also eventually calls
> > loop_write, except that it writes in chunks of COPY_BUFFER_SIZE (16*1024).
> > Previous code tried to write everything in one go. Does the output
> > file have to be written using one write() call?
> 
> Yes

.. because splitting into chunks may truncate in the middle of an IMA
rule, which then leads to parse errors (each write is parsed
separately).

That's the conceptual issue I had with the change. But as Mimi said,
it's unlikely to hit in practice. What's failing is continuing with
sendfile() or regular write() after the /sys virtual file has parsed the
first line and reported back a partial write. See
http://sourceforge.net/p/linux-ima/mailman/message/34145236/ for more
information.

-- 
Best Regards, Patrick Ohly

The content of this message is my personal opinion only and although
I am an employee of Intel, the statements I make here in no way
represent Intel's position on the issue, nor am I authorized to speak
on behalf of Intel on this matter.
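
The chunking problem described above, as an added example that is not part of the original message and not systemd's code: `chunking_splits_rule` checks whether fixed-size chunks would end in the middle of a rule, and `write_policy_by_rule` issues one write() per complete line. It assumes one rule per line; the function names and the sample policy are constructed for illustration.

```c
#include <errno.h>
#include <string.h>
#include <unistd.h>

/* Constructed sample policy, one rule per line (assumption of this example). */
static const char sample_policy[] =
    "dont_measure fsmagic=0x9fa0\n"
    "measure func=BPRM_CHECK\n"
    "measure func=FILE_MMAP mask=MAY_EXEC\n";

/* Returns 1 if cutting buf into chunks of `chunk` bytes would end some
 * chunk in the middle of a line, so that one write() carries a partial
 * rule; returns 0 if every chunk boundary falls right after a newline. */
int chunking_splits_rule(const char *buf, size_t len, size_t chunk) {
    if (chunk == 0)
        return 0;
    for (size_t off = chunk; off < len; off += chunk)
        if (buf[off - 1] != '\n')
            return 1;
    return 0;
}

/* Writes the policy with exactly one complete line per write() call.
 * Returns the number of lines written, or -1 with errno set. A short
 * write is reported as EIO instead of being resumed, because resuming
 * would start the next write() in the middle of a rule. */
int write_policy_by_rule(int fd, const char *buf, size_t len) {
    int rules = 0;
    while (len > 0) {
        const char *nl = memchr(buf, '\n', len);
        size_t n = nl ? (size_t)(nl - buf) + 1 : len; /* last line may lack '\n' */
        ssize_t w;
        do {
            w = write(fd, buf, n);
        } while (w < 0 && errno == EINTR);
        if (w < 0)
            return -1;
        if ((size_t)w != n) {
            errno = EIO;
            return -1;
        }
        buf += n;
        len -= n;
        rules++;
    }
    return rules;
}

int main(void) { /* stand-alone run: emit the sample rules to stdout */
    return write_policy_by_rule(STDOUT_FILENO, sample_policy,
                                sizeof(sample_policy) - 1) == 3 ? 0 : 1;
}
```
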
