Re: [RFC PATCH v4 1/2] fuse: introduce new fs_type flag FS_IMA_NO_CACHE

From: Miklos Szeredi
Date: Fri Feb 02 2018 - 11:10:36 EST

Next message: Arnd Bergmann: "Re: [PATCH] xen: hypercall: fix out-of-bounds memcpy"
Previous message: Andy Shevchenko: "Re: [PATCH] ASoC: codecs: Add support for AK5558 ADC driver"
In reply to: Mimi Zohar: "Re: [RFC PATCH v4 1/2] fuse: introduce new fs_type flag FS_IMA_NO_CACHE"
Next in thread: Mimi Zohar: "Re: [RFC PATCH v4 1/2] fuse: introduce new fs_type flag FS_IMA_NO_CACHE"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Feb 2, 2018 at 4:33 PM, Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx> wrote:
> On Fri, 2018-02-02 at 10:20 -0500, Mimi Zohar wrote:
>> Hi Miklos,
>>
>> On Tue, 2018-01-30 at 19:06 +0100, Dongsu Park wrote:
>> > From: Alban Crequy <alban@xxxxxxxxxx>
>> >
>> > This new fs_type flag FS_IMA_NO_CACHE means files should be re-measured,
>> > re-appraised and re-audited each time. Cached integrity results should
>> > not be used.
>> >
>> > It is useful in FUSE because the userspace FUSE process can change the
>> > underlying files at any time without notifying the kernel.

I don't really have an understanding what IMA is doing, I think the
same thing applies to any network filesystem (i.e. ones with
d_revalidate).

Isn't that the case?

Thanks,
Miklos

Next message: Arnd Bergmann: "Re: [PATCH] xen: hypercall: fix out-of-bounds memcpy"
Previous message: Andy Shevchenko: "Re: [PATCH] ASoC: codecs: Add support for AK5558 ADC driver"
In reply to: Mimi Zohar: "Re: [RFC PATCH v4 1/2] fuse: introduce new fs_type flag FS_IMA_NO_CACHE"
Next in thread: Mimi Zohar: "Re: [RFC PATCH v4 1/2] fuse: introduce new fs_type flag FS_IMA_NO_CACHE"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]