On Wed, 2016-05-25 at 15:30 +1000, James Morris wrote: > On Fri, 20 May 2016, Andreas Gruenbacher wrote: > > > The return value of evm_update_evmxattr is never used. > > > > Signed-off-by: Andreas Gruenbacher <agruenba@xxxxxxxxxx> > > As I mentioned last time, the EVM code is silently ignoring errors here, > and I'd prefer to see that fixed. Agreed. evm_update_evmxattr() is called as a result of a "protected" xattr or some other file metadata having been modified. The two actions need to remain in sync, otherwise subsequent file access will be denied. At the point that evm_update_evmxattr() fails, there isn't much that can be done other than audit the failure. The file metadata has already been modified. Mimi -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
