Received: by 10.223.176.5 with SMTP id f5csp916793wra; Fri, 2 Feb 2018 08:11:21 -0800 (PST) X-Google-Smtp-Source: AH8x225Q+SM/5wJYH0E/0sZH2SQaLSO2uuVYrRYZsngaAlC3b4CE5O4ZDceFb2acXPKOmIlZxda9 X-Received: by 2002:a17:902:a617:: with SMTP id u23-v6mr15422061plq.201.1517587881783; Fri, 02 Feb 2018 08:11:21 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517587881; cv=none; d=google.com; s=arc-20160816; b=Z5KlFuH3YnYh3l/AnjQr5VLi5x5ZuUw38GJKJS1SlbLafddtrrR+bil0/tmoWB6EN5 D9Vd3aC4dMu9Vda6zsQodOZeRDNOlDKivyK+lQ1GjXIsqDYlfCBN2X11qg5O/EJhWKaB VdA8OSBsbRLjRF9eIAn+FBWsSy4/4FglUwdk+TcpQDep6d6RwARRMToSLv0I+r8FRDqQ CzSWQ7jMqUST7SHMpVfeJ4Y8JRGz8tcGwP0B7eLBIQoawEKDvFoMRw0sxm3OcLTwuFZ2 Z5atc90HSum4wbYM+9kDUlom/zMdVm4vjDYPxMgHF0U+YU7cDsxVly3JwIMONof0InqO G2DA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature :arc-authentication-results; bh=hOJdviQeY3/9wR2Twh8HEKtPXUJ5+c7+UHMOypFsz9s=; b=I8obAbn7LniFyutDY0TfDcYNndlw7kgbT4lLRxRqMRhMwjjsj4agoqspGEJgpfhSia Xgq58bchk09qoZSkblaMag8uLugNL1hurDf3HuuZN4vwKgt40N153/q5n270CzQ9aKUw oL64uWyLh4+mtyPQAVwFVNW5stsspLDv3Ntdblx2g7cEAcAb85w18K7l4v6/FgIkPsEu Rz1/yJoQfyU7+UBHPNKzQxmg8QBmlrLovLNR7DHx0V30LUSbsaoVFHCRKIu9XbGxoqHL 875UuzEnbhYmQOGoCQIS9oNS49czsIKN4KcV79yaAWHEnuheByfooH7nDTju0c4HV0is cRLg== ARC-Authentication-Results: i=1; mx.google.com; dkim=temperror (no key for signature) header.i=@szeredi.hu header.s=google header.b=W7yrKbZW; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id d5-v6si2165444plm.759.2018.02.02.08.11.07; Fri, 02 Feb 2018 08:11:21 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=temperror (no key for signature) header.i=@szeredi.hu header.s=google header.b=W7yrKbZW; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752195AbeBBQKb (ORCPT + 99 others); Fri, 2 Feb 2018 11:10:31 -0500 Received: from mail-qt0-f195.google.com ([209.85.216.195]:42390 "EHLO mail-qt0-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751844AbeBBQKZ (ORCPT ); Fri, 2 Feb 2018 11:10:25 -0500 Received: by mail-qt0-f195.google.com with SMTP id c2so31491631qtn.9 for ; Fri, 02 Feb 2018 08:10:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=szeredi.hu; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=hOJdviQeY3/9wR2Twh8HEKtPXUJ5+c7+UHMOypFsz9s=; b=W7yrKbZW4Owp7HjmHr5BbGhZttl9S9jWv6YVBY4A5sB6+6iZtETbsE2hmKrFm/s1CD utlDQ2902tCFHHJE/VnGG9/DhRtqVJkBTmRZXQOLeOklk41cqRfMLIzYuao7kZJQtsLD MsTfz8VvTIX9oK83hhi9WxHoLZKW/4c9QVVNA= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=hOJdviQeY3/9wR2Twh8HEKtPXUJ5+c7+UHMOypFsz9s=; b=osfK3YOhnhczWnQbiVi/t+4oUT8VIfuhf63d4TEuBLVzrRD1OMwrmU2bjz/D1NwNxS 3qhb2xRw0FbEV8ZiXMV0ZXx54oWTIWWbf/XJmXcOQKb7dckh5X40IPzUNvFykRR4MIhs gcg1g4yxK2qvlMSEuh4nh9dfE4eRfXG1f6/hdyoIS86u16XYLeU3zJOrQZcCcrC2M34U IZ3DxIs/dCcw8BbqnnEU90LWIlUm7GRsLLdtKtuH66lVLCpJ5Hih3ur/Z+6nNVXTWBo4 VdJDwqhXfxJ4zJaqpr+dywqQgCxWN59MKnurdSPI+cFxUYwKqXF74WtGfj2q6PaG8oWH W+mg== X-Gm-Message-State: AKwxytd6HByEfkvrYl8oIveIvx1qBGdcTsS7ZdEaSN+LFRGS97KZSYXr CwLwD46Qxf+rgXW2ZFpvRWQxFLwSt7vLn1ZIiSBiuA== X-Received: by 10.237.56.9 with SMTP id j9mr25765758qte.32.1517587825261; Fri, 02 Feb 2018 08:10:25 -0800 (PST) MIME-Version: 1.0 Received: by 10.140.84.213 with HTTP; Fri, 2 Feb 2018 08:10:24 -0800 (PST) X-Originating-IP: [176.63.54.97] In-Reply-To: <1517585624.3171.64.camel@linux.vnet.ibm.com> References: <86832c6adb256f29f44b6229222b80964fc8cfcc.1517314847.git.dongsu@kinvolk.io> <1517584816.3171.61.camel@linux.vnet.ibm.com> <1517585624.3171.64.camel@linux.vnet.ibm.com> From: Miklos Szeredi Date: Fri, 2 Feb 2018 17:10:24 +0100 Message-ID: Subject: Re: [RFC PATCH v4 1/2] fuse: introduce new fs_type flag FS_IMA_NO_CACHE To: Mimi Zohar Cc: Christoph Hellwig , linux-integrity@vger.kernel.org, LSM , linux-fsdevel@vger.kernel.org, Alban Crequy , Miklos Szeredi , Alexander Viro , Dmitry Kasatkin , James Morris , "Serge E . Hallyn" , Seth Forshee , Dongsu Park , linux-kernel@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Feb 2, 2018 at 4:33 PM, Mimi Zohar wrote: > On Fri, 2018-02-02 at 10:20 -0500, Mimi Zohar wrote: >> Hi Miklos, >> >> On Tue, 2018-01-30 at 19:06 +0100, Dongsu Park wrote: >> > From: Alban Crequy >> > >> > This new fs_type flag FS_IMA_NO_CACHE means files should be re-measured, >> > re-appraised and re-audited each time. Cached integrity results should >> > not be used. >> > >> > It is useful in FUSE because the userspace FUSE process can change the >> > underlying files at any time without notifying the kernel. I don't really have an understanding what IMA is doing, I think the same thing applies to any network filesystem (i.e. ones with d_revalidate). Isn't that the case? Thanks, Miklos