[systemd-devel] [PATCH] Partially revert "ma-setup: simplify"
Lennart Poettering
lennart at poettering.net
Tue Jun 2 21:50:42 PDT 2015
On Tue, 02.06.15 11:55, Mimi Zohar (zohar at linux.vnet.ibm.com) wrote:
> > We could add another parameter to copy_bytes(), but in this case it's
> > cleaner to call fstat() and loop_write().
>
> Right. copy_bytes has no concept of rules/records. So either "another
> parameter" is added to copy_bytes to indicate skip try_sendfile and
> write the entire policy, or [partially] revert the patch to calll
> loop_write() to write the entire policy directly.
In which way does sendfile() fail here? I mean, the code currently
understands ENOSYS and EINVAL as indications that sendfile() is not
supported on an fd. What does sendfile() on the IMA device return?
Most likely we can just check for that error code, and then try the
loop as fallback.
Lennart
--
Lennart Poettering, Red Hat
More information about the systemd-devel
mailing list