Quoting Alexey Dobriyan (adobriyan@xxxxxxxxx): > [BSD security levels are deleted in -mm, assuming this below] > > The only user of i_security, f_security, s_security fields is SELinux, > so ifdef them with CONFIG_SECURITY_SELINUX. Following Stephen Smalley's The SLIM security module, which is trying to get upstream, uses at least i_security and f_security. The Argus module supposedly being submitted "soon" which is used in their LSPP product, surely must use them all. Maybe you still want to make these CONFIG_SECURITY_SELINUX until the other modules are upstreamed, but I just wanted to make sure you knew other modules, trying to get upstream, are using them. Personally I'd say these are a core part of the LSM framework, and if you don't want LSM, compile it out. But since I realize that using only capabilities must be a pretty common case, how about just adding a config option CONFIG_SECURITY_OBJFIELDS, which is auto-enabled with SELINUX and default off, which hides these fields instead? Patch should be trivial, and I can aim to send one tomorrow. -serge - To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
