On Sat, 2023-06-03 at 21:15 +0200, Roberto Sassu wrote: > From: Roberto Sassu <roberto.sassu@xxxxxxxxxx> > > Change the evm_inode_init_security() definition to align with the LSM > infrastructure. Keep the existing behavior of including in the HMAC > calculation only the first xattr provided by LSMs. > > Changing the evm_inode_init_security() definition requires passing the > xattr array allocated by security_inode_init_security(), and the number of > xattrs filled by previously invoked LSMs. > > Use the newly introduced lsm_get_xattr_slot() to position EVM correctly in > the xattrs array, like a regular LSM, and to increment the number of filled > slots. For now, the LSM infrastructure allocates enough xattrs slots to > store the EVM xattr, without using the reservation mechanism. > > Signed-off-by: Roberto Sassu <roberto.sassu@xxxxxxxxxx> Reviewed-by: Mimi Zohar <zohar@xxxxxxxxxxxxx>
