From mboxrd@z Thu Jan  1 00:00:00 1970
From: Christoph Hellwig <hch@infradead.org>
Subject: Re: [PATCH 1/3] IMA: move read/write counters into struct inode
Date: Mon, 18 Oct 2010 21:30:38 -0400
Message-ID: <20101019013037.GA31393@infradead.org>
References: <20101019011650.25346.99614.stgit@paris.rdu.redhat.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: linux-kernel@vger.kenel.org, linux-security-module@vger.kernel.org,
	linux-fsdevel@vger.kernel.org, hch@infradead.org, zohar@us.ibm.com,
	warthog9@kernel.org, david@fromorbit.com, jmorris@namei.org,
	kyle@mcmartin.ca, hpa@zytor.com, akpm@linux-foundation.org,
	torvalds@linux-foundation.org, mingo@elte.hu,
	viro@zeniv.linux.org.uk
To: Eric Paris <eparis@redhat.com>
Return-path: <linux-security-module-owner@vger.kernel.org>
Content-Disposition: inline
In-Reply-To: <20101019011650.25346.99614.stgit@paris.rdu.redhat.com>
Sender: linux-security-module-owner@vger.kernel.org
List-Id: linux-fsdevel.vger.kernel.org


I do not like this at all.   It bloats the inode with three unsigned
long values for a feature no sane person would ever use.  And given
that distros are sweet-talked by IBM to enable it the world will pay
a huge penality for those 0.5% of the userbase that use IMA.

Please reorder your series to have patch to disable IMA unless
explicitly enabled on the kernel command line first, and then second
use the rbtree from your last patch.