lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:   Mon, 22 Aug 2022 09:33:09 -0400
From:   Jeff Layton <>
Cc:,,,,, NeilBrown <>,
        Trond Myklebust <>,
        Dave Chinner <>
Subject: [PATCH] iversion: update comments with info about atime updates

Add an explicit paragraph codifying that atime updates due to reads
should not be counted against the i_version counter. None of the
existing subsystems that use the i_version want those counted, and
there is an easy workaround for those that do.

Cc: NeilBrown <>
Cc: Trond Myklebust <>
Cc: Dave Chinner <>
Signed-off-by: Jeff Layton <>
 include/linux/iversion.h | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/include/linux/iversion.h b/include/linux/iversion.h
index 3bfebde5a1a6..da6cc1cc520a 100644
--- a/include/linux/iversion.h
+++ b/include/linux/iversion.h
@@ -9,8 +9,8 @@
  * ---------------------------
  * The change attribute (i_version) is mandated by NFSv4 and is mostly for
  * knfsd, but is also used for other purposes (e.g. IMA). The i_version must
- * appear different to observers if there was a change to the inode's data or
- * metadata since it was last queried.
+ * appear different to observers if there was an explicit change to the inode's
+ * data or metadata since it was last queried.
  * Observers see the i_version as a 64-bit number that never decreases. If it
  * remains the same since it was last checked, then nothing has changed in the
@@ -18,6 +18,12 @@
  * anything about the nature or magnitude of the changes from the value, only
  * that the inode has changed in some fashion.
+ * Note that atime updates due to reads or similar activity do _not_ represent
+ * an explicit change to the inode. If the only change is to the atime and it
+ * wasn't set via utimes() or a similar mechanism, then i_version should not be
+ * incremented. If an observer cares about atime updates, it should plan to
+ * fetch and store them in conjunction with the i_version.
+ *
  * Not all filesystems properly implement the i_version counter. Subsystems that
  * want to use i_version field on an inode should first check whether the
  * filesystem sets the SB_I_VERSION flag (usually via the IS_I_VERSION macro).

Powered by blists - more mailing lists