[Cc'ing linux-ima-users]

On Wed, 2017-06-28 at 16:41 +0200, Christoph Hellwig wrote:
> NAK - we'll need an explicit method for the integrity code.
>
> And just curious - what filesystem that you care about actually
> implements ->read instead of ->read_iter? We shouldn't be doing that
> for real file systems anymore.

Right, pseudo filesystems are using ->read. The existing builtin
measurement policies exclude a number of pseudo filesystems, but not
efivarfs. Unfortunately, we do not know what type of custom policies
are currently being used.

The contents of the IMA measurement list are verified against a
reference manifest, provided at registration, or against a white list.
Not measuring files that were previously measured could break
userspace applications.

Let's wait to hear back from the larger IMA community as to whether
there is a need to measure files on pseudo filesystems, before
implementing an explicit method.

Mimi