Re: [PATCH v2 2/3] fs: ubifs: update i_version on inode changes

[Oleksij Rempel]

On Tue, Apr 11, 2017 at 11:08:47PM -0700, Christoph Hellwig wrote:
> On Wed, Apr 12, 2017 at 08:05:34AM +0200, Oleksij Rempel wrote:
> > The code seems to confirm it. So i assumed that IMA don't care if
> > i_version is stored to disk or not. And i_version is the only way
> > to notify IMA about inode changes.
> > Since IMA documentation explecitley set i_version as reqieremt, so this
> > option was provided as well.
> 
> Maybe IMA doesn't care, but if you set MS_I_VERSION the fs does give
> a guarantee.  Sp NAK on this patch as-is.

Ok, it was an expekted NACK :)
Suddenly right now i don't have good ide to solve it. IMA just won't to
know if some runtime changes was made to FS. Currently i can image
fallowing variants:
- rework IMA
- add MS_I_TEMP_VERSION and keep i_version using for it.
- add new variable for external use only. For example: ima_rt_i_version,
  or some thing like this.

Other ideas?

-- 
Pengutronix e.K.                           |                             |
Industrial Linux Solutions                 | http://www.pengutronix.de/  |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |