Re: [PATCH] security: remove security_sb_post_mountroot hook

[Casey Schaufler]

--- "H. Peter Anvin" <hpa@xxxxxxxxx> wrote:

> The security_sb_post_mountroot() hook is long-since obsolete, and is
> fundamentally broken: it is never invoked if someone uses initramfs.
> This is particularly damaging, because the existence of this hook has
> been used as motivation for not using initramfs.
> 
> Stephen Smalley confirmed on 2007-07-19 that this hook was originally
> used by SELinux but can now be safely removed:
> 
>      http://marc.info/?l=linux-kernel&m=118485683612916&w=2
> 
> Cc: Stephen Smalley <sds@xxxxxxxxxxxxx>
> Cc: James Morris <jmorris@xxxxxxxxx>
> Cc: Eric Paris <eparis@xxxxxxxxxxxxxx>
> Cc: Chris Wright <chrisw@xxxxxxxxxxxx>
> Signed-off-by: H. Peter Anvin <hpa@xxxxxxxxx>

It is also the case that Smack does not use this hook.
It can be removed as far as I'm concerned.



Casey Schaufler
casey@xxxxxxxxxxxxxxxx
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/