Quoting Greg KH (gregat_private): > I'm looking for feedback on this: > - do these hooks look sufficient for what everyone wants to do > with regards to inode operations? > - have I placed the hooks in good places? (I'm not happy about > with where the setattr() hook is, I really don't want any of > these to be called within any kernel lock. This one violates > that.) > - have I done anything real dumb with these hooks? > - anything else people want to comment on. Hey guys, I've been sitting on the sidelines watching so far. However, I do have some particular needs for hooks for DTE. I need to assign types to files based on absolute pathname. For the moment i will ignore the fact that with binding and multiple mounts I require some other changes in order to even get a single, system-wide pathname from a dentry/vfsmnt pair, as I'm not certain it's something for us to worry about in this context (though it probably is). However, I believe that any module which will label an inode based upon pathnames will wish to add the labels at the first open, or first create. I'm working on 2.4.0-test11 (sorry), and I'm attaching the diff for my namei.c. In each place where dte_set_types is called, I would love to see a security_ops->inode_ops->set_pathbased_label(dentry,vfsmnt) hook. My kernel panics if a type isn't assigned by the time I get to permission(), so I'm reasonably certain I've caught the important spots. -serge
This archive was generated by hypermail 2b30 : Wed Apr 18 2001 - 21:54:12 PDT