Re: [Linux-security-module-commit] lsm 2.5 tree change 1.2.1.19 1.2.1.20 1.2.1.21 1.2.1.22 1.2.1.23 1.2.1.24 1.2.1.25 1.2.1.26 1.2.1.27 1.2.1.28 1.2.1.29 1.2.1.30 1.294 1.295 1.296 1.297 1.298 1.299 1

Previous message: Stephen Smalley: "Re: [RFC][PATCH] super block [alloc|free]_security"
In reply to: Chris Wright: "Re: [Linux-security-module-commit] lsm 2.5 tree change 1.2.1.19 1.2.1.20 1.2.1.21 1.2.1.22 1.2.1.23 1.2.1.24 1.2.1.25 1.2.1.26 1.2.1.27 1.2.1.28 1.2.1.29 1.2.1.30 1.294 1.295 1.296 1.297 1.298 1.299 1.300 1.2.1.31 1.301 1.302"
Next in thread: Stephen Smalley: "Re: post_mountroot"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

sdsat_private

On Mon, 17 Dec 2001, Chris Wright wrote:

> the superblock changes need to be addressed.  namely, when you allocate,
> free and label superblocks.  the old read_super() function is gone, and
> the fs_type->read_super() method is called directly.  also, superblocks
> are attempted to be recycled.  we may want to consider pushing
> alloc_security into alloc_super, moving free_security into
> destroy_super.

Moving these hooks as you suggest sounds fine to me, and shouldn't pose
any problems for SELinux.

> also, mount_root() has moved from fs/super.c to init/do_mounts.c and now
> uses sys_mount() rather than handling it all in mount_root().  so i'm not
> sure how we can handle the sb_ops->post_mountroot() hook (currently it
> does not exist anywhere).

I would think that the check_sb and post_addmount hooks are sufficient to
handle the old post_mountroot hook processing.  So the post_mountroot hook
may be obsolete.

--
Stephen D. Smalley, NAI Labs
ssmalleyat_private

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module