On Tue, 2014-07-15 at 15:03 +0200, Pavel Machek wrote: > On Sat 2014-07-12 01:22:04, Dmitry Kasatkin wrote: > > On 11 July 2014 23:10, Pavel Machek <pavel@xxxxxx> wrote: > > > On Wed 2014-07-02 11:40:50, Christoph Hellwig wrote: > > >> On Wed, Jul 02, 2014 at 11:55:41AM -0400, Jeff Moyer wrote: > > >> > It's acceptable. > > >> > > >> It's not because it will then also affect other reads going on at the > > >> same time. > > >> > > >> The whole concept of ima is just broken, and if you want to do these > > >> sort of verification they need to happen inside the filesystem and not > > >> above it. Agreed, maintaining the file's integrity hash should be done at the filesystem layer. IMA would then be relegated to using the integrity information to maintain the measurement list and enforce local file integrity. > > > ...and doing it at filesystem layer would also permit verification of > > > per-block (64KB? 1MB?) hashes. > > > > Please design one single and the best universal filesystem which > > does it. > > Given the overhead whole-file hashing has, you don't need single best > operating system. All you need it either ext4 or btrfs.. depending on > when you want it in production. Mike Halcrow will be leading a discussion on EXT4 Encryption at LSS http://kernsec.org/wiki/index.php/Linux_Security_Summit_2014/Abstracts/Halcrow. One of the discussion topics will be the storage of file metadata integrity. (Lukas Czerner's work.) Hope you'll be able to attend. Mimi -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
