On Sun, 2017-01-08 at 16:14 +0100, Christoph Hellwig wrote: > On Sun, Jan 08, 2017 at 10:03:09AM -0500, Mimi Zohar wrote: > > But not normally for a normal file read. > > Depends on the file system. In addition to XFS at least the NFS > also uses i_rwsem by default. Also all file systems supporting > a DAX I/O path. We're only interested in the integrity of the local file system. > > Unless something has changed recently, to synchronize reading files to > > calculate the file hash and writing xattrs it has to take the i_rwsem > > prior to reading the file. > > No, you must simply not do this at all. If you take a lock that > belongs to the fs and is not your own over ->read_iter you're toast > as you've seen. Christoph, this isn't a new story and telling me this isn't very productive. Originally there was an IMA specific lock. The i_mutex was taken just to access the xattr. Unforutnately, having two locks caused a lockdep between the normal read/validate and setxattr. As a result, we dropped the IMA specific lock. IMA needs a mechanism for quickly reading a file to calculate the file hash and validate (or set) the file signature/hash stored as an xattr, prior to any other process getting access to the file. Mimi -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
