Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1761471AbXFTCSj (ORCPT ); Tue, 19 Jun 2007 22:18:39 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1759127AbXFTCSc (ORCPT ); Tue, 19 Jun 2007 22:18:32 -0400 Received: from mail4.sea5.speakeasy.net ([69.17.117.6]:53740 "EHLO mail4.sea5.speakeasy.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1758866AbXFTCSb (ORCPT ); Tue, 19 Jun 2007 22:18:31 -0400 Date: Tue, 19 Jun 2007 22:18:26 -0400 (EDT) From: James Morris X-X-Sender: jmorris@localhost.localdomain To: Mimi Zohar cc: linux-kernel@vger.kernel.org, safford@watson.ibm.com, serue@linux.vnet.ibm.com, zohar@us.ibm.com Subject: Re: [RFC][Patch 2/3]integrity: IMA as an integrity service provider In-Reply-To: <1182199326.8577.6.camel@localhost.localdomain> Message-ID: References: <1182199326.8577.6.camel@localhost.localdomain> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 793 Lines: 29 On Mon, 18 Jun 2007, Mimi Zohar wrote: > +/* what could we exclude > + * - non-executable/non-library files ? > + * - /proc /dev ? > + * Only measure files opened for read-only or execute > + */ > +static int skip_measurement(struct inode *inode, int mask) > +{ > + if ((inode->i_sb->s_magic == PROC_SUPER_MAGIC) || > + (inode->i_sb->s_magic == SYSFS_MAGIC)) { > + return 1; /*can't measure */ > + } I'm pretty sure you should skip measurement for many more pseudo filesystems than this. - James -- James Morris - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/