On Thu, Sep 28, 2017 at 3:02 PM, Dave Chinner <david@xxxxxxxxxxxxx> wrote: > On Thu, Sep 28, 2017 at 08:39:33AM -0400, Mimi Zohar wrote: >> Don't attempt to take the i_rwsem, if it has already been taken >> exclusively. >> >> Signed-off-by: Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx> > > That's bloody awful. > > The locking in filesystem IO paths is already complex enough without > adding a new IO path semantic that says "caller has already locked > the i_rwsem in some order and some dependencies that we have no idea > about". I do have to admit that I never got a satisfactory answer on why IMA doesn't just use its own private per-inode lock for this all. It isn't using the i_rwsem for file consistency reasons anyway, so it seems to be purely about serializing the actual signature generation with the xattr writing, but since IMA does those both, why isn't IMA just using its own lock (not the filesystem lock) to do that? Linus