On Mon, 2005-07-11 at 00:40 +0100, Christoph Hellwig wrote: > On Fri, Jul 08, 2005 at 09:25:21AM -0400, Stephen Smalley wrote: > > The following patch set enables atomic security labeling of newly > > created inodes by altering the fs code to invoke a new LSM hook to > > obtain the security attribute to apply to a newly created inode and to > > set up the incore inode security state during the inode creation > > transaction. This parallels the existing processing for setting ACLs > > on newly created inodes. Otherwise, it is possible for new inodes to > > be accessed by another thread via the dcache prior to complete > > security setup (presently handled by the post_create/mkdir/... LSM > > hooks in the VFS) > > Please also kill these hooks now that they've been replaced with something > more useful and make sure selinux doesn't work on filesystem not converted > to the new method.
I was planning on leaving the security_inode_post* hooks intact at least until the other filesystem types that support security xattrs have all been converted to use the new hook, and even then only after a separate RFC to confirm that it is ok to kill those hooks. Otherwise, we'd be breaking any existing systems that are using SELinux with xfs, jfs, or reiserfs. Also likely need to update tmpfs for the incore inode security setup of new inodes prior to killing those hooks. -- Stephen Smalley National Security Agency - To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
