Hi, I have discovered one IMA related issue.
IMA file hash is re-calculate if needed on file close. It works with ftruncate(fd, length) syscall, because it operates on "opened" file. Recalculation is happening on file close. truncate(path, length) syscall works with path and no file open/close takes place. Recalculation does not happen. IMA denies file access later. It looks like vfs_truncate() should possibly call IMA to recalculate the hash. - Dmitry -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
