On Tue, Feb 27, 2018 at 01:41:11AM +0100, Mickaël Salaün wrote: > The function current_nameidata_security(struct inode *) can be used to > retrieve a blob's pointer address tied to the inode being walk through. > This enable to follow a path lookup and know where an inode access come > from. This is needed for the Landlock LSM to be able to restrict access > to file path. > > The LSM hook nameidata_free_security(struct inode *) is called before > freeing the associated nameidata.
NAK. Not without well-defined semantics and "some Linux S&M uses that for something, don't ask what" does not count.
