• Lakshmi Ramasubramanian's avatar
    IMA: Defined delayed workqueue to free the queued keys · 5b3014b9
    Lakshmi Ramasubramanian authored
    Keys queued for measurement should be freed if a custom IMA policy
    was not loaded.  Otherwise, the keys will remain queued forever
    consuming kernel memory.
    
    This patch defines a delayed workqueue to handle the above scenario.
    The workqueue handler is setup to execute 5 minutes after IMA
    initialization is completed.
    
    If a custom IMA policy is loaded before the workqueue handler is
    scheduled to execute, the workqueue task is cancelled and any queued keys
    are processed for measurement.  But if a custom policy was not loaded then
    the queued keys are just freed when the delayed workqueue handler is run.
    Signed-off-by: default avatarLakshmi Ramasubramanian <nramas@linux.microsoft.com>
    Reported-by: kernel test robot <rong.a.chen@intel.com> # sleeping
    function called from invalid context
    Reported-by: kbuild test robot <lkp@intel.com> # redefinition of
    ima_init_key_queue() function.
    Signed-off-by: default avatarMimi Zohar <zohar@linux.ibm.com>
    5b3014b9
ima.h 12.5 KB