On Thu, Oct 29, 2015 at 4:21 PM, Stephen Smalley <sds@xxxxxxxxxxxxx> wrote: > On 10/28/2015 08:47 PM, Andreas Gruenbacher wrote: >> >> When fetching an inode's security label, check if it is still valid, and >> try reloading it if it is not. Reloading will fail when we are in RCU >> context which doesn't allow sleeping, or when we can't find a dentry for >> the inode. (Reloading happens via iop->getxattr which takes a dentry >> parameter.) When reloading fails, continue using the old, invalid >> label. >> >> Signed-off-by: Andreas Gruenbacher <agruenba@xxxxxxxxxx> > > > Could probably use inode_security_novalidate() for all of the SOCK_INODE() > cases, right? I guess, yes. > Otherwise, > Acked-by: Stephen Smalley <sds@xxxxxxxxxxxxx> Thanks, Andreas _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
