On Wednesday 15 August 2007 18:23, Casey Schaufler wrote: > > Hi Linus, Al, > > > > Would you object greatly to functions like vfs_mkdir() gaining a security > > parameter? > > Could you describe how this compares to the proposal that the > AppArmor developers suggested recently? I expect that we can > reduce the amount of discussion required, and maybe avoid some > confusion if you could do that. That's from one of those patches: -int vfs_mkdir(struct inode *dir, struct dentry *dentry, int mode) +int vfs_mkdir(struct inode *dir, struct dentry *dentry, struct vfsmount *mnt, + int mode) We need the vfsmount in the LSM hooks in addition to the dentry in order to figure out where in the filesystem namespace we are. The various vfs_ functions are the ones calling the LSM hooks. (The same could be achieved passing a struct path instead.) -- Andreas - To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
