Arnd and Michael, What do you think of "should_faccessat" or "entrusted_faccessat" for this new system call? On 12/09/2020 02:28, James Morris wrote: > On Thu, 10 Sep 2020, Matthew Wilcox wrote: > >> On Thu, Sep 10, 2020 at 08:38:21PM +0200, Mickaël Salaün wrote: >>> There is also the use case of noexec mounts and file permissions. From >>> user space point of view, it doesn't matter which kernel component is in >>> charge of defining the policy. The syscall should then not be tied with >>> a verification/integrity/signature/appraisal vocabulary, but simply an >>> access control one. >> >> permission()? >> > > The caller is not asking the kernel to grant permission, it's asking > "SHOULD I access this file?" > > The caller doesn't know, for example, if the script file it's about to > execute has been signed, or if it's from a noexec mount. It's asking the > kernel, which does know. (Note that this could also be extended to reading > configuration files). > > How about: should_faccessat ? > Sounds good to me.
