Hi Roberto, On Fri, 2023-03-03 at 19:18 +0100, Roberto Sassu wrote: > From: Roberto Sassu <roberto.sassu@xxxxxxxxxx> > > In preparation for moving IMA and EVM to the LSM infrastructure, introduce > the path_post_mknod hook. > > Signed-off-by: Roberto Sassu <roberto.sassu@xxxxxxxxxx> > --- > fs/namei.c | 2 ++ > include/linux/lsm_hook_defs.h | 3 +++ > include/linux/security.h | 9 +++++++++ > security/security.c | 19 +++++++++++++++++++ > 4 files changed, 33 insertions(+) > > diff --git a/fs/namei.c b/fs/namei.c > index 41f7fdf4657..3f2747521d3 100644 > --- a/fs/namei.c > +++ b/fs/namei.c > @@ -3980,6 +3980,8 @@ static int do_mknodat(int dfd, struct filename *name, umode_t mode, > dentry, mode, 0); > break; > } > + if (!error) > + security_path_post_mknod(idmap, &path, dentry, mode, dev); Even though the original code uses "if (!error) ...", consider using "if (error) goto ..." here. -- thanks, Mimi
