On Sat, Oct 1, 2022 at 11:49 AM Günther Noack <gnoack3000@xxxxxxxxx> wrote: > > Like path_truncate, the file_truncate hook also restricts file > truncation, but is called in the cases where truncation is attempted > on an already-opened file. > > This is required in a subsequent commit to handle ftruncate() > operations differently to truncate() operations. > > Acked-by: Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx> > Acked-by: John Johansen <john.johansen@xxxxxxxxxxxxx> > Signed-off-by: Günther Noack <gnoack3000@xxxxxxxxx> > --- > fs/namei.c | 2 +- > fs/open.c | 2 +- > include/linux/lsm_hook_defs.h | 1 + > include/linux/lsm_hooks.h | 10 +++++++++- > include/linux/security.h | 6 ++++++ > security/apparmor/lsm.c | 6 ++++++ > security/security.c | 5 +++++ > security/tomoyo/tomoyo.c | 13 +++++++++++++ > 8 files changed, 42 insertions(+), 3 deletions(-) I agree with Mickaël's comments regarding the formatting, but otherwise it looks okay to me from a LSM perspective. If you make the whitespace changes you can add my ACK. Acked-by: Paul Moore <paul@xxxxxxxxxxxxxx> -- paul-moore.com
