Re: [RFC][Patch 5/5]integrity: IMA as an integrity service provider

[Andrew Morton]

On Thu, 29 May 2008 21:58:08 -0400 Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx> wrote:

> > erk, I'm not an i_version person.  It seems that it's only used on
> > directories (to patch up readdir coherency problems) so I guess I
> > misled you there.
> 
> No, no.  Initially, that's what I thought. I finally found
> file_update_time() calls inode_inc_iversion(), which updates 
> the i_version.  So, it does work.  The question is whether
> or not it works all the time. :-)

OK.

Before 2.6.17 it wouldn't have worked much at all on MAP_SHARED
modifications.

After 2.6.17 things will be better - we update the mtime on the
clean->dirty transitions of a page.  So the first modification after an
mmap will update the time.

Subsequent modifications via the mmap will not update the file time. 
Until something (usually pdflush) writes the page out.  Then the next
modification via mmap will cause another clean->dirty transition on the
page, hence another mtime update.

So there's a by-default 30-odd second uncertainty with MAP_SHARED
alterations.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/