On Mon, 2022-11-21 at 10:45 +0100, Roberto Sassu wrote: > > As ocfs2 already defines initxattrs, that leaves only reiserfs missing > > initxattrs(). A better, cleaner solution would be to define one. > > If I understood why security_old_inode_init_security() is called > instead of security_inode_init_security(), the reason seems that the > filesystem code uses the length of the obtained xattr to make some > calculations (e.g. reserve space). The xattr is written at a later > time. > > Since for reiserfs there is a plan to deprecate it, it probably > wouldn't be worth to support the creation of multiple xattrs. I would > define a callback to take the first xattr and make a copy, so that > calling security_inode_init_security() + reiserfs_initxattrs() is > equivalent to calling security_old_inode_init_security(). > > But then, this is what anyway I was doing with the > security_initxattrs() callback, for all callers of security_old_inode_i > nit_security(). > > Also, security_old_inode_init_security() is exported to kernel modules. > Maybe, it is used somewhere. So, unless we plan to remove it > completely, it should be probably be fixed to avoid multiple LSMs > successfully setting an xattr, and losing the memory of all except the > last (which this patch fixes by calling security_inode_init_security()) > . > > If there is still the preference, I will implement the reiserfs > callback and make a fix for security_old_inode_init_security(). There's no sense in doing both, as the purpose of defining a reiserfs initxattrs function was to clean up this code making it more readable. Mimi
