security_inode_init_security() currently calls at most one of selinux_inode_init_security() and smack_inode_init_security(). It then sends the result to evm_inode_init_security to create the security.evm attribute. This isn't going to work on a system that has both SELinux and Smack. I see two options: - create security.evm with the information from all security modules that provide inode_init_security hooks - create a separate attribute for each module, security.evm-selinux and security.evm-smack in the current case. How would you like to have it work? I am agnostic, although the separate attributes would be easier for the infrastructure.
