From: zohar@linux.vnet.ibm.com (Mimi Zohar)
To: linux-security-module@vger.kernel.org
Subject: [RFC PATCH 0/3] define new read_iter file operation rwf flag
Date: Thu, 28 Sep 2017 08:39:30 -0400 [thread overview]
Message-ID: <1506602373-4799-1-git-send-email-zohar@linux.vnet.ibm.com> (raw)
This patch set replaces the "integrity_read" file operation method,
as defined in the "ima: use fs method to read integrity data" patch,
with a new read_iter file operation "rwf" flag. (The other patches
are the same.*)
The main difference between these approaches is whether IMA must be
explicitly enabled (opt-in), by defining the "integrity_read" file
operation method for each file system, or enabled by default, with
modifications as needed to the read_iter.
*The entire patch sets can be found in
git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git
next-integrity-read and next-read-iter.
Mimi
Mimi Zohar (3):
fs: define new read_iter rwf flag
integrity: use call_read_iter to calculate the file hash
fs: detect that the i_rwsem has already been taken exclusively
arch/s390/hypfs/inode.c | 3 ++-
drivers/block/loop.c | 2 +-
drivers/char/mem.c | 6 ++++--
drivers/gpu/drm/drm_dp_aux_dev.c | 3 ++-
drivers/net/tap.c | 3 ++-
drivers/net/tun.c | 3 ++-
drivers/staging/android/ashmem.c | 3 ++-
drivers/staging/lustre/lustre/llite/file.c | 3 ++-
drivers/staging/lustre/lustre/llite/vvp_io.c | 2 +-
drivers/usb/gadget/function/f_fs.c | 3 ++-
drivers/usb/gadget/legacy/inode.c | 2 +-
drivers/vhost/net.c | 3 ++-
fs/9p/vfs_file.c | 8 +++++---
fs/aio.c | 2 +-
fs/block_dev.c | 4 ++--
fs/ceph/file.c | 5 +++--
fs/cifs/cifsfs.c | 6 +++---
fs/cifs/cifsfs.h | 4 ++--
fs/cifs/file.c | 10 +++++-----
fs/coda/file.c | 2 +-
fs/ecryptfs/file.c | 4 ++--
fs/efivarfs/file.c | 2 +-
fs/ext2/file.c | 16 +++++++++------
fs/ext4/file.c | 20 +++++++++++--------
fs/fuse/cuse.c | 3 ++-
fs/fuse/dev.c | 3 ++-
fs/fuse/file.c | 8 +++++---
fs/hugetlbfs/inode.c | 3 ++-
fs/ncpfs/file.c | 2 +-
fs/nfs/file.c | 4 ++--
fs/nfs/internal.h | 2 +-
fs/ocfs2/file.c | 5 +++--
fs/orangefs/file.c | 3 ++-
fs/pipe.c | 2 +-
fs/read_write.c | 4 ++--
fs/splice.c | 2 +-
fs/xfs/xfs_file.c | 30 +++++++++++++++++-----------
include/linux/fs.h | 10 +++++-----
mm/filemap.c | 3 ++-
mm/shmem.c | 3 ++-
net/socket.c | 4 ++--
security/integrity/iint.c | 21 +++++++++++++------
sound/core/pcm_native.c | 2 +-
43 files changed, 139 insertions(+), 94 deletions(-)
--
2.7.4
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next reply other threads:[~2017-09-28 12:39 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-09-28 12:39 Mimi Zohar [this message]
2017-09-28 12:39 ` [RFC PATCH 1/3] fs: define new read_iter rwf flag Mimi Zohar
2017-09-28 13:54 ` Matthew Wilcox
2017-09-28 14:33 ` Mimi Zohar
2017-09-28 15:51 ` Linus Torvalds
2017-09-28 12:39 ` [RFC PATCH 2/3] integrity: use call_read_iter to calculate the file hash Mimi Zohar
2017-09-28 12:39 ` [RFC PATCH 3/3] fs: detect that the i_rwsem has already been taken exclusively Mimi Zohar
2017-09-28 22:02 ` Dave Chinner
2017-09-28 23:39 ` Linus Torvalds
2017-09-29 0:12 ` Mimi Zohar
2017-09-29 0:33 ` Linus Torvalds
2017-09-29 1:53 ` Mimi Zohar
2017-09-29 3:26 ` Linus Torvalds
2017-10-01 1:33 ` Eric W. Biederman
[not found] ` <CA+55aFx726wT4VprN-sHm6s8Q_PV_VjhTBC4goEbMcerYU1Tig@mail.gmail.com>
2017-10-01 12:08 ` Mimi Zohar
2017-10-01 18:41 ` Linus Torvalds
2017-10-01 22:34 ` Dave Chinner
2017-10-01 23:15 ` Linus Torvalds
2017-10-02 3:54 ` Dave Chinner
2017-10-01 23:42 ` Mimi Zohar
2017-10-02 3:25 ` Eric W. Biederman
2017-10-02 12:25 ` Mimi Zohar
2017-10-02 4:35 ` Dave Chinner
2017-10-02 12:09 ` Mimi Zohar
2017-10-02 12:43 ` Jeff Layton
2017-10-01 22:06 ` Eric W. Biederman
2017-10-01 22:20 ` Linus Torvalds
2017-10-01 23:54 ` Mimi Zohar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1506602373-4799-1-git-send-email-zohar@linux.vnet.ibm.com \
--to=zohar@linux.vnet.ibm.com \
--cc=linux-security-module@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).