Hi All, When a filesystem is remounted from rw to ro then sb_prepare_remount_readonly() is called. After this call there shouldn't be any writers left on the filesystem. However, IMA/EVM is not aware of this as it never calls mnt_want_write[_file](), but only looks add the MS_RDONLY superblock flag before writing to its xattrs. This flag is only changed after sb->s_op->remount_fs() is called. As a consequence IMA/EVM still updates xattrs while the filesystem is going to readonly mode. We observed that on a 4.0 Kernel in conjunction with UBIFS, but the relevant code in IMA/EVM still looks the same so I assume it's present in the current kernel aswell. UBIFS calculates its free space before and after the remount_fs op and if there's a difference it prints a backtrace (dbg_check_space_info: free space changed from x to y). We see this backtrace sometimes when remounting the fs readonly. If I understand the situation correctly this is not UBIFS's fault, right? Any hint what we can do about it? Sascha -- Pengutronix e.K. | | Industrial Linux Solutions | http://www.pengutronix.de/ | Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
