Re: [PATCH 10/32] tomoyo: Implement security hooks for the new mount API [ver #9]

From: Tetsuo Handa
Date: Tue Jul 10 2018 - 19:34:46 EST

Next message: Yang Shi: "[RFC v4 PATCH 1/3] mm: introduce VM_DEAD flag and extend check_stable_address_space to check it"
Previous message: Yang Shi: "[RFC v4 PATCH 2/3] mm: refactor do_munmap() to extract the common part"
In reply to: David Howells: "[PATCH 10/32] tomoyo: Implement security hooks for the new mount API [ver #9]"
Next in thread: David Howells: "[PATCH 12/32] vfs: Separate changing mount flags full remount [ver #9]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

David Howells wrote:
> Implement the security hook to check the creation of a new mountpoint for
> Tomoyo.
>
> As far as I can tell, Tomoyo doesn't make use of the mount data or parse
> any mount options, so I haven't implemented any of the fs_context hooks for
> it.
>
> Signed-off-by: David Howells <dhowells@xxxxxxxxxx>
> cc: Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx>
> cc: tomoyo-dev-en@xxxxxxxxxxxxxxxxxxxx
> cc: linux-security-module@xxxxxxxxxxxxxxx
>

Would you provide examples of each possible combination as a C program?
For example, if one mount point from multiple sources with different
options are possible, please describe such pattern using syscall so that
LSM modules can run it to see whether they are working as expected.

Next message: Yang Shi: "[RFC v4 PATCH 1/3] mm: introduce VM_DEAD flag and extend check_stable_address_space to check it"
Previous message: Yang Shi: "[RFC v4 PATCH 2/3] mm: refactor do_munmap() to extract the common part"
In reply to: David Howells: "[PATCH 10/32] tomoyo: Implement security hooks for the new mount API [ver #9]"
Next in thread: David Howells: "[PATCH 12/32] vfs: Separate changing mount flags full remount [ver #9]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]