On Wed, Apr 16, 2014 at 08:51:38AM -0400, Stephen Smalley wrote: > Maybe I spoke too soon. IIUC, I_LINKABLE doesn't necessarily > distinguish tmpfiles from other files, as some tmpfiles may be linkable > and others not. But what we want is a way to identify all tmpfiles when > security_inode_init_security() is called if we are going to label them > independently of the provided dir. Oh, right. If O_EXCL is specified (another annoying overload of the flag..) the tmpfile can't ever be linked back into the filesystem and thus doesn't have I_LINKABLE set. I guess the best way to fix this is using the magic qstr you suggested before. That means security_inode_init_security would need to be called after d_tmpfile, which most filesystems don't do right now. -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
