On Thu, Sep 28, 2017 at 08:39:31AM -0400, Mimi Zohar wrote: > Writing extended attributes requires exclusively taking the i_rwsem > lock. To synchronize the file hash calculation and writing the file > hash as security.ima xattr, IMA-appraisal takes the i_rwsem lock > exclusively before calculating the file hash. (Once the file hash > is calculated, the result is cached. Taking the lock exclusively > prevents calculating the file hash multiple times.) > > Some filesystems have recently replaced their filesystem dependent > lock with the global i_rwsem to read a file. As a result, when IMA > attempts to calculate the file hash, reading the file attempts to > take the i_rwsem again. > > To resolve this problem, this patch defines a new read_iter flag > named "rwf" to indicate that the i_rwsem has already been taken > exclusively. Subsequent patches will set or test the "rwf" flag. I don't like adding a bool parameter everywhere. Why not add a flag to the kiocb ki_flags? #define IOCB_RWSEM_HELD (1 << 8)