[RFC PATCH 3/3] fs: detect that the i_rwsem has already been taken exclusively
Mimi Zohar
zohar at linux.vnet.ibm.com
Sun Oct 1 12:08:11 UTC 2017
On Sat, 2017-09-30 at 18:56 -0700, Linus Torvalds wrote:
> On Sep 30, 2017 18:33, "Eric W. Biederman" <ebiederm at xmission.com> wrote:.
>
>
> That would require a task_work or another kind of work callback so that
> the writes of the xattr are not synchronous with the vfs callback
> correct?
>
>
> No, why?
>
> You should just invalidate the IMA on xattr write or other operations that
> make the measurement invalid. You only need the inner lock.
Right, re-introducing the iint->mutex and a new i_generation field in
the iint struct with a separate set of locks should work. It will be
reset if the file metadata changes (eg. setxattr, chown, chmod).
(We need i_generation for namespacing IMA as well.)
thanks,
Mimi
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
More information about the Linux-security-module-archive
mailing list