From mboxrd@z Thu Jan  1 00:00:00 1970
From: hch@infradead.org (Christoph Hellwig)
Date: Thu, 14 Sep 2017 13:49:54 -0700
Subject: [PATCH 2/2] integrity: replace call to integrity_read_file with
	kernel version
In-Reply-To: <alpine.LRH.2.21.1709150617350.4414@namei.org>
References: <1505270734-4280-1-git-send-email-zohar@linux.vnet.ibm.com>
	<1505270734-4280-2-git-send-email-zohar@linux.vnet.ibm.com>
	<alpine.LRH.2.21.1709150617350.4414@namei.org>
Message-ID: <20170914204954.GA27029@infradead.org>
To: linux-security-module@vger.kernel.org
List-Id: linux-security-module.vger.kernel.org

On Fri, Sep 15, 2017 at 06:21:28AM +1000, James Morris wrote:
> So, to be clear, this patch solves the XFS deadlock using a different 
> approach (to the now reverted integrity_read approach), which Christoph 
> also says is more correct generally.  Correct?

No.  It is in addition to the previous patches - the patches were
correct for the IMA interaction with the I/O path.  It just turns
out that the function was also reused for reading certificates
at initialization time, for which that change was incorrect.

If this series is applied first the integrity_read code is not
used for that path any more.
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html