From: Mimi Zohar <zohar@linux.vnet.ibm.com>
To: Christoph Hellwig <hch@infradead.org>
Cc: linux-xfs <linux-xfs@vger.kernel.org>
Subject: Re: [PATCH] xfs: include the XFS magic number in magic.h
Date: Tue, 12 Dec 2017 10:04:56 -0500 [thread overview]
Message-ID: <1513091096.3476.66.camel@linux.vnet.ibm.com> (raw)
In-Reply-To: <20171212143647.GA10887@infradead.org>
On Tue, 2017-12-12 at 06:36 -0800, Christoph Hellwig wrote:
> On Tue, Dec 12, 2017 at 09:34:56AM -0500, Mimi Zohar wrote:
> > On Tue, 2017-12-12 at 06:26 -0800, Christoph Hellwig wrote:
> > > On Tue, Dec 12, 2017 at 09:21:09AM -0500, Mimi Zohar wrote:
> > > > Move the XFS_SB_MAGIC definition to magic.h.
> > >
> > > NACK. We want to keep the XFS code self-contained and no other part
> > > of the kernel has any business knowing it anyway.
> >
> > IMA policy rules can be defined in terms of magic numbers, but they
> > need to be defined in magic.h. Please reconsider...
>
> That is completely bogus, and it should not be supported in any way.
> File systems magic numbers are internal implementation details.
Perhaps policies in general shouldn't differentiate between file
systems, but it definitely simplifies testing.
For example, currently IMA-appraisal only supports storing file
signatures as xattrs, but support for appended signatures is being
added. Per file system rules could require different types of file
signatures.
Mimi
next prev parent reply other threads:[~2017-12-12 15:05 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-12-12 14:21 [PATCH] xfs: include the XFS magic number in magic.h Mimi Zohar
2017-12-12 14:26 ` Christoph Hellwig
2017-12-12 14:34 ` Mimi Zohar
2017-12-12 14:36 ` Christoph Hellwig
2017-12-12 15:04 ` Mimi Zohar [this message]
2017-12-12 23:30 ` Dave Chinner
2017-12-12 23:55 ` Mimi Zohar
2017-12-13 0:13 ` Dave Chinner
2017-12-13 1:21 ` Mimi Zohar
2017-12-13 2:59 ` Dave Chinner
2017-12-13 8:43 ` Christoph Hellwig
2017-12-13 14:04 ` Mimi Zohar
2017-12-12 21:13 ` Dave Chinner
2017-12-12 23:35 ` Mimi Zohar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1513091096.3476.66.camel@linux.vnet.ibm.com \
--to=zohar@linux.vnet.ibm.com \
--cc=hch@infradead.org \
--cc=linux-xfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox