On Tue, Jul 28, 2015 at 05:33:10PM -0400, Mimi Zohar wrote: > To prevent offline stripping of existing file xattrs and relabeling of > them at runtime, EVM allows only newly created files to be labeled. As > pseudo filesystems are not persistent, stripping of xattrs is not a > concern. > > Some LSMs defer file labeling on pseudo filesystems. This patch > permits the labeling of existing files on pseudo files systems. > > Signed-off-by: Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx> > (cherry picked from commit 5101a1850bb7ccbf107929dee9af0cd2f400940f) > --- > security/integrity/evm/evm_main.c | 11 +++++++++++ > 1 file changed, 11 insertions(+) What stable kernel version(s) do you want this applied to? -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html