On Mon, Feb 11, 2019 at 10:27 PM Ignaz Forster <iforster@xxxxxxxx> wrote: > > From: Ignaz Forster <iforster@xxxxxxx> > > EVM tries to protect these attributes during copy_up, resulting in > the failure of the copy_up operation. > > This patch will skip the attributes (similar to selinux) to allow > for later recalculation. This, however, introduces another problem: > As overlayfs does not check the file integrity on copy_up, files with > an invalid hash will suddenly become valid again after the copy_up > operation. > "overlayfs doesn't check" means the check is to high in vfs and needs to move to lower vfs layer? Same as fixes in vfs_create and vfs_tmpfile. Thanks, Amir.
