Re: [RFC 0/28] Patches to pass vfsmount to LSM inode security hooks

[Casey Schaufler]

--- Tony Jones <tonyj@xxxxxxx> wrote:

> Introduction
> ------------
> 
> The following are a set of patches the goal of which
> is to pass vfsmounts
> through select portions of the VFS layer sufficient
> to be visible to the LSM
> inode operation hooks.



> 
> They are being posted now as a request for comment. 
> Presently the AppArmor
> code - being a user of the LSM interface - does not
> receive the vfsmount 
> correspoding to an operation and has to employ
> convoluted and slow mechanisms 
> in an attempt to determine the vfsmount which are
> error prone.

Would it be possible for you to describe those
methods? Perhaps there is a better way to go
about getting the information you need without
introducing this level of change.



Casey Schaufler
casey@xxxxxxxxxxxxxxxx
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/