Re: [PATCH 1/2] ima: limit the number of open-writers integrity violations

Hi Mimi,

> Each time a file in policy, that is already opened for write, is opened
> for read an open-writers integrity violation audit message is emitted
> and a violation record is added to the IMA measurement list, even if an
> open-writers violation has already been recorded.

> Limit the number of open-writers integrity violations for an existing
> file open for write to one.  After the existing file open for write
> closes (__fput), subsequent open-writers integrity violations may occur.

LGTM.

Reviewed-by: Petr Vorel <pvorel@xxxxxxx>

I also did regression testing with the LTP IMA tests on x86_64, aarch64, ppc64le
(not testing the feature itself, just really very basic regression testing,
therefore I do not dare to add my TBT).

Kind regards,
Petr



