On Fri, Sep 23, 2022 at 10:26:35AM -0400, Paul Moore wrote:
> On Fri, Sep 23, 2022 at 3:57 AM Christian Brauner <brauner@xxxxxxxxxx> wrote:
> > On Fri, Sep 23, 2022 at 08:47:07AM +0200, Christoph Hellwig wrote:
> > > On Thu, Sep 22, 2022 at 01:16:57PM -0400, Paul Moore wrote:
> > > > properly review the changes, but one thing immediately jumped out at
> > > > me when looking at this: why is the LSM hook
> > > > "security_inode_set_acl()" when we are passing a dentry instead of an
> > > > inode? We don't have a lot of them, but there are
> > > > `security_dentry_*()` LSM hooks in the existing kernel code.
> > >
> > > I'm no LSM expert, but isn't the inode vs dentry for if it is
> > > related to an inode operation or dentry operation, not about that
> > > the first argument is?
> >
> > Indeed. For example ...
>
> If the goal is for this LSM hook to operate on an inode and not a
> dentry, let's pass it an inode instead. This should help prevent

I would be ok with that but EVM requires a dentry being passed and as
evm is called from security_inode_set_acl() exactly like it is from
security_inode_setxattr() and similar the hook has to take a dentry.

And I want to minimize - ideally get rid of at some point - separate
calls to security_*() and evm_*() or ima_*() in the vfs. So the evm hook
should please stay in there.