sf...@users.sourceforge.net:
> In other words, O_DIRECT and IMA don't cowork, at least with "ima_tcb".
> It surely cause a deadlock.
:::
> By the way, are you specifying "ima_tcb", or do you have a
> config/customize file for ima? If you have, would you post the file
> here?
I've found a possibility of another deadlock around mmap_sem and
i_mutex. The former is acquired by VFS/mm, and the latter is by IMA
called by aufs.
I decided NOT to call security_mmap_file() inside aufs and added a
description in aufs manual.
----------------------------------------
Aufs repects all "security" hooks in kernel, so you can configure LSM
for both of virtual aufs files and real branch-fs files. But there is
one exception, it is the kernel function "security_mmap_file()." The
function called inside aufs for a branch-fs file may cause a deadlock,
so aufs stops calling it.
----------------------------------------
J. R. Okajima
------------------------------------------------------------------------------
"Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE
Instantly run your Selenium tests across 300+ browser/OS combos. Get
unparalleled scalability from the best Selenium testing platform available.
Simple to use. Nothing to install. Get started now for free."
http://p.sf.net/sfu/SauceLabs
