Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> writes: > On Sep 30, 2017 18:33, "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx> wrote:. > > That would require a task_work or another kind of work callback so that > the writes of the xattr are not synchronous with the vfs callback > correct? > > No, why? > > You should just invalidate the IMA on xattr write or other operations that make the measurement invalid. You only need the inner > lock. > > Why are you guys making up all these things just to make it complicated? I am not trying to make things complicated I am just trying to understand the conversation. Unless I misread something it was being pointed out there are some vfs operations today on which ima writes an ima xattr as a side effect. And those operations hold the i_sem. So perhaps I am misunderstanding things or writing the ima xattr needs to happen at some point. Which implies something like queued work. But perhaps I a misunderstanding the conversation and ima. I frequenly misunderstand ima. Eric
