Re: [AppArmor 01/41] Pass struct vfsmount to the inode_create LSM hook
From: Christoph Hellwig
Date: Thu Apr 12 2007 - 06:06:50 EST
On Thu, Apr 12, 2007 at 02:08:10AM -0700, jjohansen@xxxxxxx wrote:
> This is needed for computing pathnames in the AppArmor LSM.
>
> Signed-off-by: Tony Jones <tonyj@xxxxxxx>
> Signed-off-by: Andreas Gruenbacher <agruen@xxxxxxx>
> Signed-off-by: John Johansen <jjohansen@xxxxxxx>
>
> ---
> fs/namei.c | 2 +-
> include/linux/security.h | 9 ++++++---
> security/dummy.c | 2 +-
> security/selinux/hooks.c | 3 ++-
> 4 files changed, 10 insertions(+), 6 deletions(-)
>
> --- a/fs/namei.c
> +++ b/fs/namei.c
> @@ -1503,7 +1503,7 @@ int vfs_create(struct inode *dir, struct
> return -EACCES; /* shouldn't it be ENOSYS? */
> mode &= S_IALLUGO;
> mode |= S_IFREG;
> - error = security_inode_create(dir, dentry, mode);
> + error = security_inode_create(dir, dentry, nd ? nd->mnt : NULL, mode);
Once again very strong NACK. Every conditional passing of vfsmounts get my
veto. As mentioned last time if you really want this send a patch series
first that passed the vfsmount consistantly.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/