Re: [RESEND][PATCH] ima: Set and clear FMODE_CAN_READ in ima_calc_file_hash()

From: Linus Torvalds
Date: Tue Nov 17 2020 - 13:24:21 EST

Next message: Krzysztof Kozlowski: "[PATCH v2] drm/imx: depend on COMMON_CLK to fix compile tests"
Previous message: Shuah Khan: "Re: [PATCH v2 01/13] seqnum_ops: Introduce Sequence Number Ops"
In reply to: Mimi Zohar: "Re: [RESEND][PATCH] ima: Set and clear FMODE_CAN_READ in ima_calc_file_hash()"
Next in thread: Theodore Y. Ts'o: "Re: [RESEND][PATCH] ima: Set and clear FMODE_CAN_READ in ima_calc_file_hash()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Nov 16, 2020 at 10:35 AM Mimi Zohar <zohar@xxxxxxxxxxxxx> wrote:
>
> We need to differentiate between signed files, which by definition are
> immutable, and those that are mutable. Appending to a mutable file,
> for example, would result in the file hash not being updated.
> Subsequent reads would fail.

Why would that require any reading of the file at all AT WRITE TIME?

Don't do it. Really.

When opening the file write-only, you just invalidate the hash. It
doesn't matter anyway - you're only writing.

Later on, when reading, only at that point does the hash matter, and
then you can do the verification.

Although honestly, I don't even see the point. You know the hash won't
match, if you wrote to the file.

Linus

Next message: Krzysztof Kozlowski: "[PATCH v2] drm/imx: depend on COMMON_CLK to fix compile tests"
Previous message: Shuah Khan: "Re: [PATCH v2 01/13] seqnum_ops: Introduce Sequence Number Ops"
In reply to: Mimi Zohar: "Re: [RESEND][PATCH] ima: Set and clear FMODE_CAN_READ in ima_calc_file_hash()"
Next in thread: Theodore Y. Ts'o: "Re: [RESEND][PATCH] ima: Set and clear FMODE_CAN_READ in ima_calc_file_hash()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]