On Tue, 2018-10-09 at 12:29 -0700, Matthew Garrett wrote: > On Tue, Oct 9, 2018 at 11:04 AM Mimi Zohar <zohar@xxxxxxxxxxxxx> wrote: > > > > On Tue, 2018-10-09 at 10:21 -0700, Matthew Garrett wrote: > > > Well, there's a performance benefit as well - reading 500MB > > > executables over the network is time consuming and otherwise mostly > > > unnecessary. Given two solutions that have the same properties in > > > terms of which components we need to trust, why not pick the one > > > that's faster? > > > > With the existing cover letter, the purpose of this patch set should > > be to address the performance of calculating the file hash on trusted > > local FUSE mounted filesystems, not remote filesystems or fs-verity > > filesystems. > > The performance hit is more noticeable over remote filesystems, but we > have large binaries that take several seconds to hash even on local > filesystems. Would it be helpful to try to define the assumptions that > IMA makes in terms of whether or not it produces trustworthy results? > It feels like it's be easier to talk about this if we have a more > formal set of conditions to take into consideration. [Cc'ing Chuck Lever] Integrity of files on remote filesystems should probably be discussed in the context of fs-verity, not FUSE filesystems. Do you want to continue the discussion here or perhaps as an LSS-EU BoF? Mimi
