On Mon, 2018-01-15 at 09:18 -0800, Christoph Hellwig wrote:
> On Mon, Jan 15, 2018 at 11:32:41AM -0500, Mimi Zohar wrote:
> > For XFS, which considers fsmagic numbers private to the filesystem,
> > *always* using the fsmagic number is wrong. As to whether this is
> > true for other filesystems is unclear. IMA policies have been defined
> > in terms of fsmagic numbers for a long time. fsmagic numbers were
> > moved from the filesystems to magic.h for this purpose. Someone would
> > have complained earlier if it is always wrong.
> >
> > I just posted a patch titled "ima: define new policy condition based
> > on the filesystem name" to allow policies to be defined in terms of
> > the i_sb->s_type->name.
>
> ima has no business looking at either the name _or_ the magic number.

There are a couple of reasons to define policies in terms of the filesystem name or magic numbers. One example is pseudo filesystems (e.g. sysfs, securityfs, cgroups, selinuxfs, etc.). These should never be measured or appraised. The current example is fuse and remote file systems. These should always be re-evaluated and not rely on cached file info.

If not based on IMA policy, what do you propose? Define new SB_ flags to indicate IMA disabled/enabled (e.g. SB_IMA) and nocaching (e.g. SB_IMA_NOCACHE)?

Mimi
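For readers unfamiliar with how the two kinds of policy condition under discussion look in practice, here is an added IMA policy fragment (not part of this thread or of either poster's patches). The fsmagic values are the constants from include/uapi/linux/magic.h used by the kernel's built-in ima_tcb policy; the `fsname=` condition is the filesystem-name condition Mimi's patch proposes, and its exact keyword is assumed here.

```text
# Pseudo filesystems carry no persistent file content worth a measurement
# or signature check, so they are excluded first; IMA evaluates rules in
# order and the first matching rule decides the action.
dont_measure fsmagic=0x9fa0          # PROC_SUPER_MAGIC
dont_measure fsmagic=0x62656572      # SYSFS_MAGIC
dont_measure fsmagic=0x64626720      # DEBUGFS_MAGIC
dont_measure fsmagic=0x01021994      # TMPFS_MAGIC
dont_measure fsmagic=0x1cd1          # DEVPTS_SUPER_MAGIC
dont_measure fsmagic=0x73636673      # SECURITYFS_MAGIC
dont_measure fsmagic=0xf97cff8c      # SELINUX_MAGIC
dont_measure fsmagic=0x27e0eb        # CGROUP_SUPER_MAGIC
dont_appraise fsmagic=0x9fa0
dont_appraise fsmagic=0x62656572
dont_appraise fsmagic=0x73636673

# The same exclusion written against i_sb->s_type->name, the form the
# proposed patch allows (keyword assumed); this avoids depending on a
# magic number a filesystem such as XFS considers private to itself.
dont_measure fsname=sysfs
dont_appraise fsname=sysfs

# Everything else that is executed or mmapped is measured and appraised.
measure func=BPRM_CHECK
measure func=MMAP_CHECK mask=MAY_EXEC
appraise func=BPRM_CHECK appraise_type=imasig
```

Note that neither condition can express the thread's second requirement, that fuse and remote filesystems be re-evaluated on every access rather than served from cached integrity results; that property has to come from the superblock (the SB_ flags Mimi asks about), not from a policy rule.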