Here is an attempt at getting rid of d_find_alias in SELinux. The first patch makes SELinux call getxattr with a NULL dentry when the dentry is unknown instead of using a random alias dentry, and makes getxattr fail with -ECHILD on filesystems that cannot do getxattr with only an inode. The second patch changes getxattr on overlayfs so that it works with just an inode. This leaves 9p and cifs as the filesystems where getxattr without a dentry doesn't make sense. These patches are based on mainline + Miklos's overlayfs-next branch: https://git.kernel.org/cgit/linux/kernel/git/mszeredi/vfs.git/log/?h=overlayfs-next Git version: https://git.kernel.org/cgit/linux/kernel/git/agruen/linux.git/log/?h=work.selinux Comments? Thanks, Andreas Andreas Gruenbacher (2): selinux: Stop looking up dentries from inodes overlayfs: Make getxattr work with inode only fs/9p/acl.c | 3 +++ fs/9p/xattr.c | 3 +++ fs/cifs/xattr.c | 9 +++++++-- fs/ecryptfs/inode.c | 8 ++++++-- fs/overlayfs/inode.c | 26 +++++++++++++++++--------- fs/overlayfs/overlayfs.h | 1 + fs/overlayfs/super.c | 10 +++++++--- net/socket.c | 3 +++ security/selinux/hooks.c | 43 +++++++++++++++---------------------------- 9 files changed, 62 insertions(+), 44 deletions(-) -- 2.5.5 _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
