Hi, I'm bringing up this issue again to let of LSM developers know the situation, and would like to know your thoughts. Several weeks ago I sent an email to the security list to discuss the issue where XFS's ioctl interface can do things like vfs_readlink without asking LSM's permission, which we think is kind of weird and this kind of operation should be audited by LSM. see the original post below: >We noticed a use of vfs_readlink() in xfs_file_ioctl(), which should have been checked by >security_inode_readlink(). >The callgraph is: > xfs_file_ioctl()->xfs_readlink_by_handle()->vfs_readlink() > >This path allows user to do things similar to SyS_readlinkat(), and the parameters >are user controllable. security_inode_readlink() is not used inside vfs_readlink() - Tong
