On Tue, 2009-05-12 at 08:27 +1000, James Morris wrote: > On Mon, 11 May 2009, Joel Becker wrote: > > > and other security attributes (in all, I'm gonna call that the "security > > context") as well. So I defined reflink() as such. This meant > > "security context" is an term associated with SELinux, so you may want to > use something like "security attributes" or "security state" to avoid > confusing people. > > > + error = security_inode_reflink(old_dentry, dir); > > + if (error) > > + return error; > > We'll need the new_dentry now, to set up new security state before the > dentry is instantiated. I don't think the inode exists yet for the new_dentry (not until after the call to i_op->reflink), and thus we cannot set up the new inode state at the point of security_inode_reflink(). We will need the filesystem to call into the security module to get the right security attribute name/value pair when creating the new inode, just as with normal inode creation, unless it is preserving the name/value pair from the original. The security_inode_init_security() hook is for that purpose - you can see its usage in existing filesystems when creating new inodes. > e.g. SELinux will need to perform some checks on the operation, then > calculate a new security context for the new file. > > > - James -- Stephen Smalley National Security Agency -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
