* David P. Quigley (dpquigl@xxxxxxxxxxxxx) wrote:
> +/* Flags for setcontext */
> +#define LSM_SETCORE 1
> +#define LSM_SETDISK 2
> +
> #ifdef CONFIG_SECURITY
>
> /**
> @@ -1395,6 +1399,9 @@ struct security_operations {
> int (*secctx_to_secid)(char *secdata, u32 seclen, u32 *secid);
> void (*release_secctx)(char *secdata, u32 seclen);
>
> + int (*setcontext)(struct dentry *dentry, void *ctx, u32 ctxlen, int flags);
> + int (*getcontext)(struct dentry *dentry, void **ctx, u32 *ctxlen);
Is this meant to address Casey's argument about the mac label hook name?
Also, why have you made the distinction of in-core vs. on disk in the
interface? As I mentioned, I think just needs a little better
description of why.
thanks,
-chris
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
