Thread (55 messages) 55 messages, 8 authors, 2018-04-11

Re: [PATCH bpf-next v8 01/11] fs,security: Add a security blob to nameidata

From: Al Viro <viro@ZenIV.linux.org.uk>
Date: 2018-02-27 00:57:32
Also in: linux-api, linux-fsdevel, linux-security-module, netdev 

On Tue, Feb 27, 2018 at 01:41:11AM +0100, Mickaël Salaün wrote:
The function current_nameidata_security(struct inode *) can be used to
retrieve a blob's pointer address tied to the inode being walk through.
This enable to follow a path lookup and know where an inode access come
from. This is needed for the Landlock LSM to be able to restrict access
to file path.

The LSM hook nameidata_free_security(struct inode *) is called before
freeing the associated nameidata.
NAK.  Not without well-defined semantics and "some Linux S&M uses that for
something, don't ask what" does not count.
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help