[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <874p5y7tw0.fsf@basil.nowhere.org>
Date: Wed, 06 Aug 2008 04:35:27 +0200
From: Andi Kleen <andi@...stfloor.org>
To: Eric Paris <eparis@...hat.com>
Cc: malware-list@...ts.printk.net, linux-kernel@...r.kernel.org
Subject: Re: [RFC 0/5] [TALPA] Intro to a linux interface for on access scanning
Eric Paris <eparis@...hat.com> writes:
> 5. Fine-grained caching
> -----------------------
> It is necessary to select which filesystems can be safely cached and
> which must not be. For example it is not a good idea to allow caching of
> network filesystems because their content can be changed invisibly. Disk
> based and some virtual filesystems can be cached safely on the other
> hand.
Actually local disk file systems can be changed invisibly to the VFS too by
directly writing to the block device. This does not change the
page cache, but the on disk copy and when a page is pruned from
RAM and reloaded VFS will see the new contents without knowing
about any change. How would you stop that in your
proposal? I assume you could always require a special LKM that
forbids block writes for anything mounted, but that has other problems
too and one wuld need to be extremly careful of holes in
such a protection scheme (e.g. overlapping partitions)
[haven't read the rest of the proposal]
-Andi
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists