On Mon, Nov 23, 2009 at 12:49 PM, Simon Wilkinson <s...@inf.ed.ac.uk> wrote: > > Sadly, from a look at the Fedora CVS, it seems like Fedora 12 is shipping > with IMA enabled.
Yeah I saw the log of the discussion on jabber. Ick. Seems odd and error-prone that dentry_open would not be symmetric with fput in that respect - like you mentioned on jabber there are places in the kernel itself that don't deal correctly. > By the looks of things, we could change to using filp_open with pathnames to > open and close cache files (in the same way as we currently do on Mac OS X > and Solaris). However, filp_open doesn't have the support that dentry_open() > has for opening files with a specific set of credentials. This means that > the problems we had recently with Apparmour and Selinux crashing us will > reappear. I'm pretty sure that we could use override_creds()/revert_creds() there to get the same effect. As for the open with a path, that was actually in the tree for a short while (see commit cadbebc2e50aedea01475620a3add4c315c13faa), with a lookup + dentry_open that would be easy to replace with filp_open. >From what I remember testing, it was OK with basic cache filesystems like ext2/3 but would oops pretty easily with anything more exotic (xfs, reiser) - locking issues I assumed. So if we do that we might lose the cache filesystem flexibility that we gained with the file handle code. Marc _______________________________________________ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
