From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753307AbdI1Odr (ORCPT ); Thu, 28 Sep 2017 10:33:47 -0400 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:59842 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753223AbdI1Odo (ORCPT ); Thu, 28 Sep 2017 10:33:44 -0400 Subject: Re: [RFC PATCH 1/3] fs: define new read_iter rwf flag From: Mimi Zohar To: Matthew Wilcox Cc: linux-security-module@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-integrity@vger.kernel.org, Christoph Hellwig , Linus Torvalds , Linux Kernel Mailing List , Jan Kara , "Theodore Ts'o" Date: Thu, 28 Sep 2017 10:33:23 -0400 In-Reply-To: <20170928135416.GA30859@bombadil.infradead.org> References: <1506602373-4799-1-git-send-email-zohar@linux.vnet.ibm.com> <1506602373-4799-2-git-send-email-zohar@linux.vnet.ibm.com> <20170928135416.GA30859@bombadil.infradead.org> Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.20.5 (3.20.5-1.fc24) Mime-Version: 1.0 Content-Transfer-Encoding: 7bit X-TM-AS-MML: disable x-cbid: 17092814-1617-0000-0000-000002011C17 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 17092814-1618-0000-0000-0000485119C1 Message-Id: <1506609203.5022.1.camel@linux.vnet.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:,, definitions=2017-09-28_04:,, signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 suspectscore=2 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1707230000 definitions=main-1709280215 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, 2017-09-28 at 06:54 -0700, Matthew Wilcox wrote: > On Thu, Sep 28, 2017 at 08:39:31AM -0400, Mimi Zohar wrote: > > Writing extended attributes requires exclusively taking the i_rwsem > > lock. To synchronize the file hash calculation and writing the file > > hash as security.ima xattr, IMA-appraisal takes the i_rwsem lock > > exclusively before calculating the file hash. (Once the file hash > > is calculated, the result is cached. Taking the lock exclusively > > prevents calculating the file hash multiple times.) > > > > Some filesystems have recently replaced their filesystem dependent > > lock with the global i_rwsem to read a file. As a result, when IMA > > attempts to calculate the file hash, reading the file attempts to > > take the i_rwsem again. > > > > To resolve this problem, this patch defines a new read_iter flag > > named "rwf" to indicate that the i_rwsem has already been taken > > exclusively. Subsequent patches will set or test the "rwf" flag. > > I don't like adding a bool parameter everywhere. Me either! > Why not add a flag > to the kiocb ki_flags? > > #define IOCB_RWSEM_HELD (1 << 8) Thank you for the suggestion. > -- > To unsubscribe from this list: send the line "unsubscribe linux-security-module" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html >