On 6/18/24 9:44 PM, Paul Moore wrote:
On Tue, Jun 18, 2024 at 3:29 PM Matt Bobrowski <mattbobrowski@xxxxxxxxxx> wrote:
The new generic LSM hook security_file_post_open() was recently added
to the LSM framework in commit 8f46ff5767b0b ("security: Introduce
file_post_open hook"). Let's proactively add this generic LSM hook to
the sleepable_lsm_hooks BTF ID set, because I can't see there being
any strong reasons not to, and it's only a matter of time before
someone else comes around and asks for it to be there.
security_file_post_open() is inherently sleepable as it's purposely
situated in the kernel that allows LSMs to directly read out the
contents of the backing file if need be. Additionally, it's called
directly after securuty_file_open(), and that LSM hook in itself
*cough*
"security_file_open()"
Fixed up while applying, thanks!