[systemd-devel] Revert commit "ma-setup: simplify"
Zbigniew Jędrzejewski-Szmek
zbyszek at in.waw.pl
Mon Jun 1 07:02:18 PDT 2015
On Mon, Jun 01, 2015 at 08:57:57AM -0400, Mimi Zohar wrote:
> The original systemd IMA module loaded the IMA policy by mmaping the
> file into memory and then writing the entire file to
> <securityfs>/ima/policy. By changing this behavior of writing the
> entire file, commit 4dfb18922d5d "ima-setup: simplify" broke IMA
> policy loading.
>
> Please revert commit 4dfb18922d5d1efb13ee459cbf23832277f85ed7 and the
> related hunk from commit 7430ec6ac08f2c0416d9f806964c46b30f3862b2.
I'm pretty sure that whether the input file was mmaped or read using
read() cannot influence the rresult.The difference must come from the
way that the output file is written. Current code also eventually calls
loop_write, except that it writes in chunks of COPY_BUFFER_SIZE (16*1024).
Previous code tried to write everything in one go. Does the output
file have to be written using one write() call?
Zbyszek
More information about the systemd-devel
mailing list