On Mon, 2020-11-16 at 10:09 -0800, Linus Torvalds wrote: > On Mon, Nov 16, 2020 at 9:41 AM Christoph Hellwig <hch@xxxxxxxxxxxxx> wrote: > > > > The "issue" with IMA is that it uses security hooks to hook into the > > VFS and then wants to read every file that gets opened on a real file > > system to "measure" the contents vs a hash stashed away somewhere. > > Well, but that's easy enough to handle: if the open isn't a read open, > then the old contents don't matter, so you shouldn't bother to measure > the file. > > So this literally sounds like a "doctor, doctor, it hurts when I hit > my head with a hammer" situation.. We need to differentiate between signed files, which by definition are immutable, and those that are mutable. Appending to a mutable file, for example, would result in the file hash not being updated. Subsequent reads would fail. Mimi
