On Thu, Jan 09, 2014 at 05:18:09PM -0500, Eric Paris wrote: > > Just RCU-delay freeing the damn thing and treat NULL ->i_security in > > ->permission() (which can happen only with MAY_NOT_BLOCK in mask) as > > "return -ECHILD and let the caller deal with that". > > > > Modifying every ->destroy_inode() is obviously wrong - there's a lot more > > filesystems than LSM buggers in the tree. > > We just want the same lifetime as the inode. Allocate the security blob > when the inode is allocated and free the security blob when the inode is > freed. Ultimate freeing of struct inode can easily happen outside of VFS - that's what ->destroy_inode() is for. Moreover, filesystem might decide to do very odd things to it, as long as it doesn't do so without RCU delay. So no, there's no single place to do that. -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html