On Friday, November 07, 2014 10:05:40 PM David Howells wrote: > Paul Moore <[email protected]> wrote: > > So the LSM must modify the xattr in place? I suppose that since the > > @value is allocated to the max size it shouldn't be a problem. Just > > checking ... > > ... And the caller must provide a maximally sized buffer (which it likely > has to allocate anyway). > > I'm not sure I really need to provide the modification thing. I suspect a > binary keep or discard decision is sufficient.
The docker use case we've been talking about in this thread doesn't really care about the on-disk file labels (xattrs) because the docker folks want to use context= mounts; however if someone did care about on-disk file labels for the upper layer in the overlayfs then they might want to modify the xattr. -- paul moore www.paul-moore.com -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
