File _service:obs_scm:backport-use-fs-interface-to-set-measure-action.patch of Package dim
From 1be543b4082c7cf516d11408abf35d1b3ec67254 Mon Sep 17 00:00:00 2001
From: Huaxin Lu <luhuaxin1@huawei.com>
Date: Mon, 29 Apr 2024 22:27:49 +0800
Subject: [PATCH 02/28] use fs interface to set measure action
---
 src/core/dim_core_fs.c | 11 +++++++++++
 src/core/dim_core_main.c | 4 ----
 src/core/dim_core_measure.c | 17 +++++++++++++++++
 src/core/dim_core_measure.h | 9 ++++++++-
 .../dim_core_measure_process.c | 3 ++-
 5 files changed, 38 insertions(+), 6 deletions(-)
diff --git a/src/core/dim_core_fs.c b/src/core/dim_core_fs.c
index 4d6bdd4..4a82e53 100644
--- a/src/core/dim_core_fs.c
+++ b/src/core/dim_core_fs.c
@@ -53,6 +53,16 @@ dim_string_print_entry(dim_status, runtime_status, dim_core_status_print);
 dim_uint_rw_entry(dim_interval, interval, dim_core_interval_get, dim_core_interval_set);
+/*
+ * measure action set and read interface
+ * dim_entry struct: dim_tampered_action_entry
+ * file entry name: tampered_action
+ * read function: dim_core_measure_action_get
+ * write function: dim_core_measure_action_set
+ */
+dim_uint_rw_entry(dim_tampered_action, tampered_action,
+ dim_core_measure_action_get, dim_core_measure_action_set);
+
 /*
 * dim directory
 */
@@ -69,6 +79,7 @@ static struct dim_entry *dim_core_files[] = {
 &dim_measure_log_entry,
 &dim_status_entry,
 &dim_interval_entry,
+ &dim_tampered_action_entry,
 };
 void dim_core_destroy_fs(void)
diff --git a/src/core/dim_core_main.c b/src/core/dim_core_main.c
index c62fa09..de18d66 100644
--- a/src/core/dim_core_main.c
+++ b/src/core/dim_core_main.c
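Review bot: The comment block above `dim_uint_rw_entry(dim_tampered_action, tampered_action, ...)` does not say who may write `tampered_action`, although this entry decides whether anything happens when a tampered process is detected. The module parameter this patch removes from dim_core_main.c was registered with permission `0`, so it could only be set at load time; the file entry makes the same setting changeable at runtime. The file mode and any privilege check come from `dim_uint_rw_entry`, whose definition is outside this hunk and should be confirmed to restrict writes to the administrator. I would add a line to the comment such as ` * write access: administrator only; writing 0 disables the tamper action`, and note in the commit message that `measure_action=` is no longer accepted at load.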
@@ -33,15 +33,11 @@ MODULE_PARM_DESC(measure_pcr, "TPM PCR index to extend measure log");
 /* special measurement configuration for dim_core */
 static unsigned int measure_interval = 0;
-bool dim_core_measure_action_enabled = 0;
 static bool signature = false;
 module_param(measure_interval, uint, 0);
 MODULE_PARM_DESC(measure_interval, "Interval time (min) for automatic measurement");
-module_param_named(measure_action, dim_core_measure_action_enabled, bool, 0);
-MODULE_PARM_DESC(signature, "Enable actions when tampering detected");
-
 module_param(signature, bool, 0);
 MODULE_PARM_DESC(signature, "Require signature for policy and static baseline");
diff --git a/src/core/dim_core_measure.c b/src/core/dim_core_measure.c
index f5b378c..6b8cd49 100644
--- a/src/core/dim_core_measure.c
+++ b/src/core/dim_core_measure.c
@@ -32,6 +32,7 @@ static struct work_struct dim_baseline_work;
 /* special measurement parameters for dim_core */
 static atomic_t measure_interval = ATOMIC_INIT(0);
+static atomic_t measure_action = ATOMIC_INIT(0);
 /* interface to print measure status string */
 const char *dim_core_status_print(void)
@@ -39,6 +40,22 @@ const char *dim_core_status_print(void)
 return dim_measure_status_print(&dim_core_handle);
 }
+/* interface to get tampered action */
+long dim_core_measure_action_get(void)
+{
+ return atomic_read(&measure_action);
+}
+
+/* interface to set measure action */
+int dim_core_measure_action_set(unsigned int act)
+{
+ if (act >= DIM_MEASURE_ACTION_MAX)
+ return -ERANGE;
+
+ atomic_set(&measure_action, act);
+ return 0;
+}
+
 /* interface to get measure interval */
 long dim_core_interval_get(void)
 {
diff --git a/src/core/dim_core_measure.h b/src/core/dim_core_measure.h
index 3522ba0..a91d0b3 100644
--- a/src/core/dim_core_measure.h
+++ b/src/core/dim_core_measure.h
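Review bot: `dim_core_measure_action_set()` changes a security-relevant setting without leaving any record, so switching the tamper action off at runtime would not show up in the kernel log. I would log the accepted value just before the `atomic_set`, for example `pr_notice("dim_core: tampered action set to %u\n", act);`, or use the project's own logging helper if it has one. The two comments also name the same setting differently ("tampered action" on the getter, "measure action" on the setter). One term should be used for both, and the setter comment should mention that values at or above `DIM_MEASURE_ACTION_MAX` are rejected with `-ERANGE`.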
@@ -16,7 +16,12 @@
 #define DIM_MINUTE_TO_SEC (60UL)
 #define DIM_MINUTE_TO_NSEC (60UL * 1000 * 1000 * 1000)
-extern bool dim_core_measure_action_enabled;
+enum dim_measure_action {
+ DIM_MEASURE_ACTION_DISABLE,
+ DIM_MEASURE_ACTION_ENABLE,
+ DIM_MEASURE_ACTION_MAX,
+};
+
 extern struct dim_measure dim_core_handle;
 /* global init and destroy */
@@ -25,6 +30,8 @@ void dim_core_measure_destroy(void);
 /* control function for measurement parameters */
 const char *dim_core_status_print(void);
+long dim_core_measure_action_get(void);
+int dim_core_measure_action_set(unsigned int act);
 long dim_core_interval_get(void);
 int dim_core_interval_set(unsigned int p);
 long dim_core_tampered_action_get(void);
diff --git a/src/core/tasks/dim_core_measure_process/dim_core_measure_process.c b/src/core/tasks/dim_core_measure_process/dim_core_measure_process.c
index 8522085..643b661 100644
--- a/src/core/tasks/dim_core_measure_process/dim_core_measure_process.c
+++ b/src/core/tasks/dim_core_measure_process/dim_core_measure_process.c
@@ -134,7 +134,8 @@ static int check_process_digest(struct dim_digest *digest,
 return ret;
 }
- if (log_flag != LOG_TAMPERED || !dim_core_measure_action_enabled)
+ if (log_flag != LOG_TAMPERED ||
+ dim_core_measure_action_get() == DIM_MEASURE_ACTION_DISABLE)
 return 0;
 /* now the process is tampered, check if action need to be taken */
-- 
2.33.0
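Review bot: The new prototypes `dim_core_measure_action_get` and `dim_core_measure_action_set` sit next to an existing `long dim_core_tampered_action_get(void);`, visible as a context line in the second hunk of dim_core_measure.h, while the file entry named `tampered_action` is wired to the `measure_action` functions. No definition of `dim_core_tampered_action_get` appears in this patch, so the older prototype may be stale; that cannot be confirmed from the hunks shown. If it is stale, it should be removed here, or the new functions should take the `tampered_action` name so the header, the file entry and the comments use one term.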
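Review bot: The rewritten condition in `check_process_digest` calls `dim_core_measure_action_get()` for every tampered process, so a write to `tampered_action` during a measurement run takes effect partway through that run. If that is intended, a short comment above the `if` would document it, for example `/* action setting is read per process; a concurrent write applies from the next check */`. Comparing against `DIM_MEASURE_ACTION_DISABLE` means any other value takes the action, which is the safer default and also worth stating in that comment. The body of `check_process_digest` starts and ends outside this hunk.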