On Thu, Dec 22, 2016 at 12:15:06AM +0100, Mickaël Salaün wrote:
> Add a new LSM hook named inode_touch_atime which is needed to deny
> indirect update of extended file attributes (i.e. access time) which are
> not caught by the inode_setattr hook. By creating a new hook instead of
> calling inode_setattr, we avoid simulating a useless struct iattr.
>
> This hook allows creating read-only environments as with read-only
> mount points. It can also take care of anonymous inodes.

And LSM has absolutely no business doing that - that's what the mount code is for.