Re: [PATCH 0/4] IMA: making i_readcount a first class inode citizen

[Mimi Zohar]

On Thu, 2010-10-28 at 15:29 -0700, Linus Torvalds wrote:
> On Thu, Oct 28, 2010 at 3:24 PM, Dave Chinner <david@xxxxxxxxxxxxx> wrote:
> >
> > Why the wrapper functions and locking? Why not an atomic variable like
> > i_writecount?
> 
> Indeed. With moving this more into the VFS, let's just make sure it
> looks like i_writecount as much as possible.
> 
>                       Linus

Would making i_readcount atomic be enough in ima_rdwr_violation_check(),
or would it still need to take the spin_lock? IMA needs guarantees
that the i_readcount/i_writecount won't be updated in between.

        spin_lock(&inode->i_lock);

        if (mode & FMODE_WRITE) {
                if (inode->i_readcount && IS_IMA(inode))
                        send_tomtou = true;
                goto out;
        }

        rc = ima_must_measure(NULL, inode, MAY_READ, FILE_CHECK);
        if (rc < 0)
                goto out;

        if (atomic_read(&inode->i_writecount) > 0)
                send_writers = true;
out:
        spin_unlock(&inode->i_lock);

Wouldn't the same be true in fs/locks:get_setleases()?

Mimi

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/