On Thu, 2026-04-30 at 21:32 -0500, Sahil Gupta wrote: > > Have you considered using IS_RDONLY(real_inode)? > > OOC are ima caches invalidated on fs reconfigure? If that is the case, > then IS_RDONLY ought to do the trick.
Per-inode IMA integrity status (iint) is now stored directly in the inode's LSM security blob rather than in a red-black tree cache. By "fs reconfiguration", do you mean remounting the filesystem? If so, the iint stored in the LSM security blob should be freed when the filesystem is unmounted. Mimi
