Merge "toolbox/libmodprobe: add toolbox to vendor_ramdisk" into main
diff --git a/debuggerd/crash_dump.cpp b/debuggerd/crash_dump.cpp
index a23a269..203b485 100644
--- a/debuggerd/crash_dump.cpp
+++ b/debuggerd/crash_dump.cpp
@@ -143,7 +143,7 @@
}
static bool activity_manager_notify(pid_t pid, int signal, const std::string& amfd_data,
- bool recoverable_gwp_asan_crash) {
+ bool recoverable_crash) {
ATRACE_CALL();
android::base::unique_fd amfd(socket_local_client(
"/data/system/ndebugsocket", ANDROID_SOCKET_NAMESPACE_FILESYSTEM, SOCK_STREAM));
@@ -169,7 +169,7 @@
// Activity Manager protocol:
// - 32-bit network-byte-order: pid
// - 32-bit network-byte-order: signal number
- // - byte: recoverable_gwp_asan_crash
+ // - byte: recoverable_crash
// - bytes: raw text of the dump
// - null terminator
@@ -185,10 +185,9 @@
return false;
}
- uint8_t recoverable_gwp_asan_crash_byte = recoverable_gwp_asan_crash ? 1 : 0;
- if (!android::base::WriteFully(amfd, &recoverable_gwp_asan_crash_byte,
- sizeof(recoverable_gwp_asan_crash_byte))) {
- PLOG(ERROR) << "AM recoverable_gwp_asan_crash_byte write failed";
+ uint8_t recoverable_crash_byte = recoverable_crash ? 1 : 0;
+ if (!android::base::WriteFully(amfd, &recoverable_crash_byte, sizeof(recoverable_crash_byte))) {
+ PLOG(ERROR) << "AM recoverable_crash_byte write failed";
return false;
}
@@ -280,11 +279,11 @@
static void ReadCrashInfo(unique_fd& fd, siginfo_t* siginfo,
std::unique_ptr<unwindstack::Regs>* regs, ProcessInfo* process_info,
- bool* recoverable_gwp_asan_crash) {
+ bool* recoverable_crash) {
std::aligned_storage<sizeof(CrashInfo) + 1, alignof(CrashInfo)>::type buf;
CrashInfo* crash_info = reinterpret_cast<CrashInfo*>(&buf);
ssize_t rc = TEMP_FAILURE_RETRY(read(fd.get(), &buf, sizeof(buf)));
- *recoverable_gwp_asan_crash = false;
+ *recoverable_crash = false;
if (rc == -1) {
PLOG(FATAL) << "failed to read target ucontext";
} else {
@@ -321,7 +320,7 @@
process_info->scudo_region_info = crash_info->data.d.scudo_region_info;
process_info->scudo_ring_buffer = crash_info->data.d.scudo_ring_buffer;
process_info->scudo_ring_buffer_size = crash_info->data.d.scudo_ring_buffer_size;
- *recoverable_gwp_asan_crash = crash_info->data.d.recoverable_gwp_asan_crash;
+ *recoverable_crash = crash_info->data.d.recoverable_crash;
process_info->crash_detail_page = crash_info->data.d.crash_detail_page;
FALLTHROUGH_INTENDED;
case 1:
@@ -487,7 +486,7 @@
std::map<pid_t, ThreadInfo> thread_info;
siginfo_t siginfo;
std::string error;
- bool recoverable_gwp_asan_crash = false;
+ bool recoverable_crash = false;
{
ATRACE_NAME("ptrace");
@@ -539,8 +538,7 @@
if (thread == g_target_thread) {
// Read the thread's registers along with the rest of the crash info out of the pipe.
- ReadCrashInfo(input_pipe, &siginfo, &info.registers, &process_info,
- &recoverable_gwp_asan_crash);
+ ReadCrashInfo(input_pipe, &siginfo, &info.registers, &process_info, &recoverable_crash);
info.siginfo = &siginfo;
info.signo = info.siginfo->si_signo;
@@ -670,7 +668,7 @@
if (fatal_signal) {
// Don't try to notify ActivityManager if it just crashed, or we might hang until timeout.
if (thread_info[target_process].thread_name != "system_server") {
- activity_manager_notify(target_process, signo, amfd_data, recoverable_gwp_asan_crash);
+ activity_manager_notify(target_process, signo, amfd_data, recoverable_crash);
}
}
diff --git a/debuggerd/handler/debuggerd_handler.cpp b/debuggerd/handler/debuggerd_handler.cpp
index 141723b..25031bf 100644
--- a/debuggerd/handler/debuggerd_handler.cpp
+++ b/debuggerd/handler/debuggerd_handler.cpp
@@ -275,10 +275,6 @@
}
}
-static pid_t __fork() {
- return clone(nullptr, nullptr, 0, nullptr);
-}
-
// Double-clone, with CLONE_FILES to share the file descriptor table for kcmp validation.
// Returns 0 in the orphaned child, the pid of the orphan in the original process, or -1 on failure.
static void create_vm_process() {
@@ -396,7 +392,7 @@
ASSERT_SAME_OFFSET(scudo_ring_buffer, scudo_ring_buffer);
ASSERT_SAME_OFFSET(scudo_ring_buffer_size, scudo_ring_buffer_size);
ASSERT_SAME_OFFSET(scudo_stack_depot_size, scudo_stack_depot_size);
- ASSERT_SAME_OFFSET(recoverable_gwp_asan_crash, recoverable_gwp_asan_crash);
+ ASSERT_SAME_OFFSET(recoverable_crash, recoverable_crash);
ASSERT_SAME_OFFSET(crash_detail_page, crash_detail_page);
#undef ASSERT_SAME_OFFSET
@@ -426,7 +422,7 @@
}
// Don't use fork(2) to avoid calling pthread_atfork handlers.
- pid_t crash_dump_pid = __fork();
+ pid_t crash_dump_pid = _Fork();
if (crash_dump_pid == -1) {
async_safe_format_log(ANDROID_LOG_FATAL, "libc",
"failed to fork in debuggerd signal handler: %s", strerror(errno));
@@ -573,6 +569,7 @@
}
gwp_asan_callbacks_t gwp_asan_callbacks = {};
+ bool recoverable_gwp_asan_crash = false;
if (g_callbacks.get_gwp_asan_callbacks != nullptr) {
// GWP-ASan catches use-after-free and heap-buffer-overflow by using PROT_NONE
// guard pages, which lead to SEGV. Normally, debuggerd prints a bug report
@@ -587,10 +584,30 @@
gwp_asan_callbacks.debuggerd_gwp_asan_post_crash_report &&
gwp_asan_callbacks.debuggerd_needs_gwp_asan_recovery(info->si_addr)) {
gwp_asan_callbacks.debuggerd_gwp_asan_pre_crash_report(info->si_addr);
- process_info.recoverable_gwp_asan_crash = true;
+ recoverable_gwp_asan_crash = true;
+ process_info.recoverable_crash = true;
}
}
+ if (info->si_signo == SIGSEGV &&
+ (info->si_code == SEGV_MTESERR || info->si_code == SEGV_MTEAERR) && is_permissive_mte()) {
+ process_info.recoverable_crash = true;
+ // If we are in permissive MTE mode, we do not crash, but instead disable MTE on this thread,
+ // and then let the failing instruction be retried. The second time should work (except
+ // if there is another non-MTE fault).
+ int tagged_addr_ctrl = prctl(PR_GET_TAGGED_ADDR_CTRL, 0, 0, 0, 0);
+ if (tagged_addr_ctrl < 0) {
+ fatal_errno("failed to PR_GET_TAGGED_ADDR_CTRL");
+ }
+ tagged_addr_ctrl = (tagged_addr_ctrl & ~PR_MTE_TCF_MASK) | PR_MTE_TCF_NONE;
+ if (prctl(PR_SET_TAGGED_ADDR_CTRL, tagged_addr_ctrl, 0, 0, 0) < 0) {
+ fatal_errno("failed to PR_SET_TAGGED_ADDR_CTRL");
+ }
+ async_safe_format_log(ANDROID_LOG_ERROR, "libc",
+ "MTE ERROR DETECTED BUT RUNNING IN PERMISSIVE MODE. CONTINUING.");
+ pthread_mutex_unlock(&crash_mutex);
+ }
+
// If sival_int is ~0, it means that the fallback handler has been called
// once before and this function is being called again to dump the stack
// of a specific thread. It is possible that the prctl call might return 1,
@@ -602,7 +619,7 @@
// you can only set NO_NEW_PRIVS to 1, and the effect should be at worst a single missing
// ANR trace.
debuggerd_fallback_handler(info, ucontext, process_info.abort_msg);
- if (no_new_privs && process_info.recoverable_gwp_asan_crash) {
+ if (no_new_privs && recoverable_gwp_asan_crash) {
gwp_asan_callbacks.debuggerd_gwp_asan_post_crash_report(info->si_addr);
return;
}
@@ -679,29 +696,14 @@
// If the signal is fatal, don't unlock the mutex to prevent other crashing threads from
// starting to dump right before our death.
pthread_mutex_unlock(&crash_mutex);
- } else if (process_info.recoverable_gwp_asan_crash) {
- gwp_asan_callbacks.debuggerd_gwp_asan_post_crash_report(info->si_addr);
+ } else if (process_info.recoverable_crash) {
+ if (recoverable_gwp_asan_crash) {
+ gwp_asan_callbacks.debuggerd_gwp_asan_post_crash_report(info->si_addr);
+ }
pthread_mutex_unlock(&crash_mutex);
}
#ifdef __aarch64__
- else if (info->si_signo == SIGSEGV &&
- (info->si_code == SEGV_MTESERR || info->si_code == SEGV_MTEAERR) &&
- is_permissive_mte()) {
- // If we are in permissive MTE mode, we do not crash, but instead disable MTE on this thread,
- // and then let the failing instruction be retried. The second time should work (except
- // if there is another non-MTE fault).
- int tagged_addr_ctrl = prctl(PR_GET_TAGGED_ADDR_CTRL, 0, 0, 0, 0);
- if (tagged_addr_ctrl < 0) {
- fatal_errno("failed to PR_GET_TAGGED_ADDR_CTRL");
- }
- tagged_addr_ctrl = (tagged_addr_ctrl & ~PR_MTE_TCF_MASK) | PR_MTE_TCF_NONE;
- if (prctl(PR_SET_TAGGED_ADDR_CTRL, tagged_addr_ctrl, 0, 0, 0) < 0) {
- fatal_errno("failed to PR_SET_TAGGED_ADDR_CTRL");
- }
- async_safe_format_log(ANDROID_LOG_ERROR, "libc",
- "MTE ERROR DETECTED BUT RUNNING IN PERMISSIVE MODE. CONTINUING.");
- pthread_mutex_unlock(&crash_mutex);
- } else if (info->si_signo == SIGSEGV && info->si_code == SEGV_MTEAERR && getppid() == 1) {
+ else if (info->si_signo == SIGSEGV && info->si_code == SEGV_MTEAERR && getppid() == 1) {
// Back channel to init (see system/core/init/service.cpp) to signal that
// this process crashed due to an ASYNC MTE fault and should be considered
// for upgrade to SYNC mode. We are re-using the ART profiler signal, which
@@ -761,18 +763,7 @@
debuggerd_register_handlers(&action);
}
-// When debuggerd's signal handler is the first handler called, it's great at
-// handling the recoverable GWP-ASan mode. For apps, sigchain (from libart) is
-// always the first signal handler, and so the following function is what
-// sigchain must call before processing the signal. This allows for processing
-// of a potentially recoverable GWP-ASan crash. If the signal requires GWP-ASan
-// recovery, then dump a report (via the regular debuggerd hanndler), and patch
-// up the allocator, and allow the process to continue (indicated by returning
-// 'true'). If the crash has nothing to do with GWP-ASan, or recovery isn't
-// possible, return 'false'.
-bool debuggerd_handle_signal(int signal_number, siginfo_t* info, void* context) {
- if (signal_number != SIGSEGV || !signal_has_si_addr(info)) return false;
-
+bool debuggerd_handle_gwp_asan_signal(int signal_number, siginfo_t* info, void* context) {
if (g_callbacks.get_gwp_asan_callbacks == nullptr) return false;
gwp_asan_callbacks_t gwp_asan_callbacks = g_callbacks.get_gwp_asan_callbacks();
if (gwp_asan_callbacks.debuggerd_needs_gwp_asan_recovery == nullptr ||
@@ -810,3 +801,33 @@
pthread_mutex_unlock(&first_crash_mutex);
return true;
}
+
+// When debuggerd's signal handler is the first handler called, it's great at
+// handling the recoverable GWP-ASan and permissive MTE modes. For apps,
+// sigchain (from libart) is always the first signal handler, and so the
+// following function is what sigchain must call before processing the signal.
+// This allows for processing of a potentially recoverable GWP-ASan or MTE
+// crash. If the signal requires recovery, then dump a report (via the regular
+// debuggerd hanndler), and patch up the allocator (in the case of GWP-ASan) or
+// disable MTE on the thread, and allow the process to continue (indicated by
+// returning 'true'). If the crash has nothing to do with GWP-ASan/MTE, or
+// recovery isn't possible, return 'false'.
+bool debuggerd_handle_signal(int signal_number, siginfo_t* info, void* context) {
+ if (signal_number != SIGSEGV) return false;
+ if (info->si_code == SEGV_MTEAERR || info->si_code == SEGV_MTESERR) {
+ if (!is_permissive_mte()) return false;
+ // Because permissive MTE disables MTE for the entire thread, we're less
+ // worried about getting a whole bunch of crashes in a row. ActivityManager
+ // doesn't like multiple native crashes for an app in a short period of time
+ // (see the comment about recoverable GWP-ASan in
+ // `debuggerd_handle_gwp_asan_signal`), but that shouldn't happen if MTE is
+ // disabled for the entire thread. This might need to be changed if there's
+ // some low-hanging bug that happens across multiple threads in quick
+ // succession.
+ debuggerd_signal_handler(signal_number, info, context);
+ return true;
+ }
+
+ if (!signal_has_si_addr(info)) return false;
+ return debuggerd_handle_gwp_asan_signal(signal_number, info, context);
+}
diff --git a/debuggerd/include/debuggerd/handler.h b/debuggerd/include/debuggerd/handler.h
index c18cf6e..954f049 100644
--- a/debuggerd/include/debuggerd/handler.h
+++ b/debuggerd/include/debuggerd/handler.h
@@ -47,7 +47,7 @@
const char* scudo_ring_buffer;
size_t scudo_ring_buffer_size;
size_t scudo_stack_depot_size;
- bool recoverable_gwp_asan_crash;
+ bool recoverable_crash;
struct crash_detail_page_t* crash_detail_page;
};
diff --git a/debuggerd/protocol.h b/debuggerd/protocol.h
index d3fc15e..9af7377 100644
--- a/debuggerd/protocol.h
+++ b/debuggerd/protocol.h
@@ -100,7 +100,7 @@
uintptr_t scudo_ring_buffer;
size_t scudo_ring_buffer_size;
size_t scudo_stack_depot_size;
- bool recoverable_gwp_asan_crash;
+ bool recoverable_crash;
uintptr_t crash_detail_page;
};
diff --git a/debuggerd/tombstoned/tombstoned.cpp b/debuggerd/tombstoned/tombstoned.cpp
index e2a67a2..75ae9f8 100644
--- a/debuggerd/tombstoned/tombstoned.cpp
+++ b/debuggerd/tombstoned/tombstoned.cpp
@@ -96,7 +96,7 @@
class CrashQueue {
public:
CrashQueue(const std::string& dir_path, const std::string& file_name_prefix, size_t max_artifacts,
- size_t max_concurrent_dumps, bool supports_proto)
+ size_t max_concurrent_dumps, bool supports_proto, bool world_readable)
: file_name_prefix_(file_name_prefix),
dir_path_(dir_path),
dir_fd_(open(dir_path.c_str(), O_DIRECTORY | O_RDONLY | O_CLOEXEC)),
@@ -104,7 +104,8 @@
next_artifact_(0),
max_concurrent_dumps_(max_concurrent_dumps),
num_concurrent_dumps_(0),
- supports_proto_(supports_proto) {
+ supports_proto_(supports_proto),
+ world_readable_(world_readable) {
if (dir_fd_ == -1) {
PLOG(FATAL) << "failed to open directory: " << dir_path;
}
@@ -127,14 +128,16 @@
static CrashQueue* for_tombstones() {
static CrashQueue queue("/data/tombstones", "tombstone_" /* file_name_prefix */,
GetIntProperty("tombstoned.max_tombstone_count", 32),
- 1 /* max_concurrent_dumps */, true /* supports_proto */);
+ 1 /* max_concurrent_dumps */, true /* supports_proto */,
+ true /* world_readable */);
return &queue;
}
static CrashQueue* for_anrs() {
static CrashQueue queue("/data/anr", "trace_" /* file_name_prefix */,
GetIntProperty("tombstoned.max_anr_count", 64),
- 4 /* max_concurrent_dumps */, false /* supports_proto */);
+ 4 /* max_concurrent_dumps */, false /* supports_proto */,
+ false /* world_readable */);
return &queue;
}
@@ -147,10 +150,12 @@
PLOG(FATAL) << "failed to create temporary tombstone in " << dir_path_;
}
- // We need to fchmodat after creating to avoid getting the umask applied.
- std::string fd_path = StringPrintf("/proc/self/fd/%d", result.fd.get());
- if (fchmodat(dir_fd_, fd_path.c_str(), 0664, 0) != 0) {
- PLOG(ERROR) << "Failed to make tombstone world-readable";
+ if (world_readable_) {
+ // We need to fchmodat after creating to avoid getting the umask applied.
+ std::string fd_path = StringPrintf("/proc/self/fd/%d", result.fd.get());
+ if (fchmodat(dir_fd_, fd_path.c_str(), 0664, 0) != 0) {
+ PLOG(ERROR) << "Failed to make tombstone world-readable";
+ }
}
return std::move(result);
@@ -262,6 +267,7 @@
size_t num_concurrent_dumps_;
bool supports_proto_;
+ bool world_readable_;
std::deque<std::unique_ptr<Crash>> queued_requests_;
diff --git a/fs_mgr/libdm/dm.cpp b/fs_mgr/libdm/dm.cpp
index e261aa3..fee67fdf 100644
--- a/fs_mgr/libdm/dm.cpp
+++ b/fs_mgr/libdm/dm.cpp
@@ -39,6 +39,9 @@
#ifndef DM_DEFERRED_REMOVE
#define DM_DEFERRED_REMOVE (1 << 17)
#endif
+#ifndef DM_IMA_MEASUREMENT_FLAG
+#define DM_IMA_MEASUREMENT_FLAG (1 << 19)
+#endif
namespace android {
namespace dm {
@@ -540,6 +543,10 @@
return GetTable(name, 0, table);
}
+bool DeviceMapper::GetTableStatusIma(const std::string& name, std::vector<TargetInfo>* table) {
+ return GetTable(name, DM_IMA_MEASUREMENT_FLAG, table);
+}
+
bool DeviceMapper::GetTableInfo(const std::string& name, std::vector<TargetInfo>* table) {
return GetTable(name, DM_STATUS_TABLE_FLAG, table);
}
diff --git a/fs_mgr/libdm/include/libdm/dm.h b/fs_mgr/libdm/include/libdm/dm.h
index 22c475f..fa97653 100644
--- a/fs_mgr/libdm/include/libdm/dm.h
+++ b/fs_mgr/libdm/include/libdm/dm.h
@@ -78,6 +78,7 @@
virtual bool LoadTable(const std::string& name, const DmTable& table) = 0;
virtual bool GetTableInfo(const std::string& name, std::vector<TargetInfo>* table) = 0;
virtual bool GetTableStatus(const std::string& name, std::vector<TargetInfo>* table) = 0;
+ virtual bool GetTableStatusIma(const std::string& name, std::vector<TargetInfo>* table) = 0;
virtual bool GetDmDevicePathByName(const std::string& name, std::string* path) = 0;
virtual bool GetDeviceString(const std::string& name, std::string* dev) = 0;
virtual bool DeleteDeviceIfExists(const std::string& name) = 0;
@@ -267,6 +268,12 @@
// false.
bool GetTableStatus(const std::string& name, std::vector<TargetInfo>* table) override;
+ // Query the status of a table, given a device name. The output vector will
+ // contain IMA TargetInfo for each target in the table. If the device does
+ // not exist, or there were too many targets, the call will fail and return
+ // false.
+ bool GetTableStatusIma(const std::string& name, std::vector<TargetInfo>* table) override;
+
// Identical to GetTableStatus, except also retrives the active table for the device
// mapper device from the kernel.
bool GetTableInfo(const std::string& name, std::vector<TargetInfo>* table) override;
diff --git a/fs_mgr/libsnapshot/include_test/libsnapshot/test_helpers.h b/fs_mgr/libsnapshot/include_test/libsnapshot/test_helpers.h
index 5e9f049..90813fe 100644
--- a/fs_mgr/libsnapshot/include_test/libsnapshot/test_helpers.h
+++ b/fs_mgr/libsnapshot/include_test/libsnapshot/test_helpers.h
@@ -155,6 +155,9 @@
virtual bool GetTableStatus(const std::string& name, std::vector<TargetInfo>* table) {
return impl_.GetTableStatus(name, table);
}
+ virtual bool GetTableStatusIma(const std::string& name, std::vector<TargetInfo>* table) {
+ return impl_.GetTableStatusIma(name, table);
+ }
virtual bool GetDmDevicePathByName(const std::string& name, std::string* path) {
return impl_.GetDmDevicePathByName(name, path);
}
diff --git a/fs_mgr/libsnapshot/libsnapshot_cow/writer_v3.cpp b/fs_mgr/libsnapshot/libsnapshot_cow/writer_v3.cpp
index de2e528..ea1da4b 100644
--- a/fs_mgr/libsnapshot/libsnapshot_cow/writer_v3.cpp
+++ b/fs_mgr/libsnapshot/libsnapshot_cow/writer_v3.cpp
@@ -173,7 +173,7 @@
batch_size_ = std::max<size_t>(options_.cluster_ops, 1);
data_vec_.reserve(batch_size_);
cached_data_.reserve(batch_size_);
- cached_ops_.reserve(batch_size_);
+ cached_ops_.reserve(batch_size_ * kNonDataOpBufferSize);
}
if (batch_size_ > 1) {
@@ -342,7 +342,8 @@
// Allow bigger batch sizes for ops without data. A single CowOperationV3
// struct uses 14 bytes of memory, even if we cache 200 * 16 ops in memory,
// it's only ~44K.
- return cached_data_.size() >= batch_size_ || cached_ops_.size() >= batch_size_ * 16;
+ return cached_data_.size() >= batch_size_ ||
+ cached_ops_.size() >= batch_size_ * kNonDataOpBufferSize;
}
bool CowWriterV3::ConstructCowOpCompressedBuffers(uint64_t new_block_start, const void* data,
diff --git a/fs_mgr/libsnapshot/libsnapshot_cow/writer_v3.h b/fs_mgr/libsnapshot/libsnapshot_cow/writer_v3.h
index 48eb67b..e2dc698 100644
--- a/fs_mgr/libsnapshot/libsnapshot_cow/writer_v3.h
+++ b/fs_mgr/libsnapshot/libsnapshot_cow/writer_v3.h
@@ -28,6 +28,9 @@
namespace snapshot {
using namespace android::storage_literals;
+// This is a multiple on top of the number of data ops that can be stored in our cache at once. This
+// is added so that we can cache more non-data ops as it takes up less space.
+static constexpr uint32_t kNonDataOpBufferSize = 16;
class CowWriterV3 : public CowWriterBase {
public:
diff --git a/fs_mgr/tools/dmctl.cpp b/fs_mgr/tools/dmctl.cpp
index 9dc8c24..f843821 100644
--- a/fs_mgr/tools/dmctl.cpp
+++ b/fs_mgr/tools/dmctl.cpp
@@ -52,6 +52,7 @@
std::cerr << " list <devices | targets> [-v]" << std::endl;
std::cerr << " getpath <dm-name>" << std::endl;
std::cerr << " getuuid <dm-name>" << std::endl;
+ std::cerr << " ima <dm-name>" << std::endl;
std::cerr << " info <dm-name>" << std::endl;
std::cerr << " replace <dm-name> <targets...>" << std::endl;
std::cerr << " status <dm-name>" << std::endl;
@@ -508,7 +509,14 @@
<< std::endl;
return -EINVAL;
}
+ } else if (mode == "ima") {
+ if (!dm.GetTableStatusIma(argv[0], &table)) {
+ std::cerr << "Could not query table status of device \"" << argv[0] << "\"."
+ << std::endl;
+ return -EINVAL;
+ }
}
+
std::cout << "Targets in the device-mapper table for " << argv[0] << ":" << std::endl;
for (const auto& target : table) {
std::cout << target.spec.sector_start << "-"
@@ -530,6 +538,10 @@
return DumpTable("status", argc, argv);
}
+static int ImaCmdHandler(int argc, char** argv) {
+ return DumpTable("ima", argc, argv);
+}
+
static int ResumeCmdHandler(int argc, char** argv) {
if (argc != 1) {
std::cerr << "Invalid arguments, see \'dmctl help\'" << std::endl;
@@ -570,6 +582,7 @@
{"info", InfoCmdHandler},
{"table", TableCmdHandler},
{"status", StatusCmdHandler},
+ {"ima", ImaCmdHandler},
{"resume", ResumeCmdHandler},
{"suspend", SuspendCmdHandler},
// clang-format on