From: Mimi Zohar <zohar@linux.vnet.ibm.com>
To: Christoph Hellwig <hch@lst.de>
Cc: James Bottomley <James.Bottomley@HansenPartnership.com>,
linux-xfs@vger.kernel.org, Dave Chinner <david@fromorbit.com>,
linux-fsdevel <linux-fsdevel@vger.kernel.org>,
linux-kernel <linux-kernel@vger.kernel.org>,
Al Viro <viro@ZenIV.linux.org.uk>
Subject: Re: xfs: commit 6552321831dc "xfs: remove i_iolock and use i_rwsem in the VFS inode instead" change causes hang
Date: Sun, 08 Jan 2017 14:39:49 -0500 [thread overview]
Message-ID: <1483904389.2956.43.camel@linux.vnet.ibm.com> (raw)
In-Reply-To: <20170108190955.GA1489@lst.de>
On Sun, 2017-01-08 at 20:09 +0100, Christoph Hellwig wrote:
> On Sun, Jan 08, 2017 at 10:57:28AM -0800, James Bottomley wrote:
> > I'm unsure about the DIO case, so lets try defining the semantics and
> > see if they're implementable for DIO, otherwise simply exclude it.
>
> Let's start with the semantics. First we need to write down what
> IMA requires from the FS, and have an interface how the FS can declare
> that it supports these features. As far as I can tell there are not
> proper feature checks anywhere right now. Once we have done that
> we can move forward from there.
>
> As you seem to be interested in IMA how about you spearhead documenting
> the requirements and adding xfstests support?
In addition to calculating the file hash on open and validating the
hash/signature stored as an xattr, we need a safe mechanism for writing
the file hash on the last __fput(), which is currently being deferred
due to locking issues.
> > OK, so how about we define it. I think we need two vfs calls:
> >
> > inode_block_local_writes(inode)
> > inode_unblock_local_writes(inode)
>
> No. We need an ->ima_measure file_operation, guts of process_measurement
> turned into a library function that the FS can call after taking fs-specific
> locks. And maybe also a small wrapper around it that takes ilock and
> can be used directly for file systems not needing special locking.
So a vfs generic version for those that don't need special locking, with
the option of replacing the vfs generic version with a filesystem
specific one that directly calls the library function.
process_measurements() is a lot more than just calculating the file
hash, adding the hash to the measurement list and extending the TPM. We
could limit it to just calculating the file hash and name it
ima_collect. Or, if you prefer all of process_measurements() it could
be named just ima.
Mimi
> > With semantics that between these two, all write attempts to the file
> > backed by the inode on this system block but reads of the underlying
> > file are allowed (I added local so we don't have to implement for
> > remote filesystems).
>
> How do you define local? Are GFS2 and OCFS2 local? Is XFS with
> outstanding pNFS layout local? Is NFS with the block or SCSI layout
> local because it operates on a block device?
>
> The only sane way is to make INA opt-in with a check list of features
> that need to be supported, and declared to be supported by the fs,
> similar to how we handle NFS exporting.
>
next prev parent reply other threads:[~2017-01-08 19:40 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-01-08 14:48 xfs: commit 6552321831dc "xfs: remove i_iolock and use i_rwsem in the VFS inode instead" change causes hang Mimi Zohar
2017-01-08 14:52 ` Christoph Hellwig
2017-01-08 15:03 ` Mimi Zohar
2017-01-08 15:14 ` Christoph Hellwig
2017-01-08 15:31 ` Mimi Zohar
2017-01-08 15:37 ` Christoph Hellwig
2017-01-08 16:38 ` Mimi Zohar
2017-01-08 16:43 ` Christoph Hellwig
2017-01-08 17:59 ` James Bottomley
2017-01-08 18:18 ` Christoph Hellwig
2017-01-08 18:57 ` James Bottomley
2017-01-08 19:09 ` Christoph Hellwig
2017-01-08 19:26 ` Al Viro
2017-01-08 20:10 ` Mimi Zohar
2017-01-08 19:39 ` Mimi Zohar [this message]
2017-01-09 19:44 ` Jeff Layton
2017-01-10 2:54 ` Mimi Zohar
2017-01-10 16:22 ` Jeff Layton
2017-01-08 19:16 ` Mimi Zohar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1483904389.2956.43.camel@linux.vnet.ibm.com \
--to=zohar@linux.vnet.ibm.com \
--cc=James.Bottomley@HansenPartnership.com \
--cc=david@fromorbit.com \
--cc=hch@lst.de \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-xfs@vger.kernel.org \
--cc=viro@ZenIV.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).