IMA emulator: improve polling mechanism

[ansasaki]

Currently the polling mechanism is a simple loop.

[ueno]

Last time I looked at it, the file was not pollable:
https://patchwork.kernel.org/project/linux-integrity/patch/[email protected]/
But it's half a year ago and the situation might have changed. @stefanberger do you know of any further update on this area?

[stefanberger]

Sorry, I have no update...

I just tried your v2 patch but it seems to be stuck in poll().

strace tail -f /sys/kernel/security/ima/ascii_runtime_measurements

It should show base64 when I run it but doesn't seem to come back from poll(). It does show base64 on the restart of tail as expected.

I have the following policy on my system:

dont_measure fsmagic=0x9fa0
dont_measure fsmagic=0x62656572
dont_measure fsmagic=0x64626720
dont_measure fsmagic=0x1021994
dont_measure fsmagic=0x1cd1
dont_measure fsmagic=0x42494e4d
dont_measure fsmagic=0x73636673
dont_measure fsmagic=0xf97cff8c
dont_measure fsmagic=0x43415d53
dont_measure fsmagic=0x27e0eb
dont_measure fsmagic=0x63677270
dont_measure fsmagic=0x6e736673
dont_measure fsmagic=0xde5e81e4
measure func=MMAP_CHECK mask=MAY_EXEC
measure func=BPRM_CHECK mask=MAY_EXEC
measure func=FILE_CHECK mask=MAY_READ uid=0

[ueno]

Thank you for checking; let me come up with v3 shortly.