Dmitry Kasatkin: > Following patch replaces IMA usage of kernel_read() with special > version which skips security check that triggers kernel panic > when Apparmor and IMA appraisal are enabled together.
I know this is related to exit(2), but this behaviour of IMA is related to open(2) too. When O_DIRECT is specified, some filesystems (for example, ext2) call do_blockdev_direct_IO() which acquires i_mutex. But IMA:process_measurement() already acquires i_mutex before kernel_read(). It causes a deadlock even if you replace kernel_read() by a simpler one. How can we stop reading the file from IMA? J. R. Okajima -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
