[PATCH 1/3] ima: keep the integrity state of open files up to date

Eric Biggers ebiggers at kernel.org
Sun Sep 15 20:24:33 UTC 2019


On Tue, Sep 10, 2019 at 10:04:53AM +0300, Janne Karhunen wrote:
> On Tue, Sep 10, 2019 at 12:39 AM Eric Biggers <ebiggers at kernel.org> wrote:
> > > Core file operations (open, close, sync, msync, truncate) are
> > > now allowed to update the measurement immediately. In order
> > > to maintain sufficient write performance for writes, add a
> > > latency tunable delayed work workqueue for computing the
> > > measurements.
> >
> > This still doesn't make it crash-safe.  So why is it okay?
> 
> If Android is the load, this makes it crash safe 99% of the time and
> that is considerably better than 0% of the time.
> 

Who will use it if it isn't 100% safe?

- Eric


