From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-fsdevel-owner@vger.kernel.org>
Received: from verein.lst.de ([213.95.11.211]:50100 "EHLO newverein.lst.de"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1751419AbdEJNYB (ORCPT <rfc822;linux-fsdevel@vger.kernel.org>);
        Wed, 10 May 2017 09:24:01 -0400
Date: Wed, 10 May 2017 15:24:00 +0200
From: Christoph Hellwig <hch@lst.de>
To: Boaz Harrosh <boaz@plexistor.com>
Cc: Christoph Hellwig <hch@lst.de>, Al Viro <viro@zeniv.linux.org.uk>,
        Mimi Zohar <zohar@linux.vnet.ibm.com>,
        linux-fsdevel@vger.kernel.org,
        linux-ima-devel@lists.sourceforge.net,
        linux-security-module@vger.kernel.org
Subject: Re: [PATCH] security/ima: use fs method to read integrity data
Message-ID: <20170510132359.GA22549@lst.de>
References: <20170510064507.1764-1-hch@lst.de> <20170510064507.1764-2-hch@lst.de> <a552827e-922d-0b28-2919-90c780a8a414@plexistor.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <a552827e-922d-0b28-2919-90c780a8a414@plexistor.com>
Sender: linux-fsdevel-owner@vger.kernel.org
List-ID: <linux-fsdevel.vger.kernel.org>

On Wed, May 10, 2017 at 03:20:41PM +0300, Boaz Harrosh wrote:
> Would you not want to call ->read_iter() in the NULL case
> and have all FSs supported as today?

As IMA has particular requirements on the fs (e.g. that it can
read with i_rwsem held as seen in this patch, or useful i_version
which only the file systems converted in this patch do), having
an explicit opt-in seems much safer.  This optional method is
a very easy way to provide this opt-in behavior.