Re: [PATCH] IMA: use vfs_getattr_nosec to get the i_version

From: Christian Brauner
Date: Tue Apr 18 2023 - 05:08:46 EST

Next message: Li Yang: "[PATCH] usb: phy: phy-tahvo: fix memory leak in tahvo_usb_probe()"
Previous message: Guillaume Nault: "Re: [PATCH] PPPoL2TP: Add more code snippets"
In reply to: Jeff Layton: "[PATCH] IMA: use vfs_getattr_nosec to get the i_version"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Apr 17, 2023 at 12:55:51PM -0400, Jeff Layton wrote:
> IMA currently accesses the i_version out of the inode directly when it
> does a measurement. This is fine for most simple filesystems, but can be
> problematic with more complex setups (e.g. overlayfs).
>
> Make IMA instead call vfs_getattr_nosec to get this info. This allows
> the filesystem to determine whether and how to report the i_version, and
> should allow IMA to work properly with a broader class of filesystems in
> the future.
>
> Reported-and-Tested-by: Stefan Berger <stefanb@xxxxxxxxxxxxx>
> Signed-off-by: Jeff Layton <jlayton@xxxxxxxxxx>
> ---

Excellent, thanks,
Reviewed-by: Christian Brauner <brauner@xxxxxxxxxx>

Next message: Li Yang: "[PATCH] usb: phy: phy-tahvo: fix memory leak in tahvo_usb_probe()"
Previous message: Guillaume Nault: "Re: [PATCH] PPPoL2TP: Add more code snippets"
In reply to: Jeff Layton: "[PATCH] IMA: use vfs_getattr_nosec to get the i_version"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]