[PATCH 2/2] integrity: replace call to integrity_read_file with kernel version

James Morris jmorris at namei.org
Thu Sep 14 23:21:53 UTC 2017

On Thu, 14 Sep 2017, Christoph Hellwig wrote:

> On Fri, Sep 15, 2017 at 06:21:28AM +1000, James Morris wrote:
> > So, to be clear, this patch solves the XFS deadlock using a different 
> > approach (to the now reverted integrity_read approach), which Christoph 
> > also says is more correct generally.  Correct?
> No.  It is in addition to the previous patches - the patches were
> correct for the IMA interaction with the I/O path.  It just turns
> out that the function was also reused for reading certificates
> at initialization time, for which that change was incorrect.
> If this series is applied first the integrity_read code is not
> used for that path any more.

Ok.  Sorry I hadn't looked at the code in detail at this stage during the 
conference and wanting to just revert back to something that Linus can 
safely pull before the merge window closes.

James Morris
<jmorris at namei.org>

To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

More information about the Linux-security-module-archive mailing list