Extended attribute support was merged in 2.5.3. Extended attributes come in name:value pairs. The name is a character string representing the namespace for the extended attributes. The value is free form, and is of questionable use to the module (however is included in the patches below). Attached are two patches to add hooks to LSM to mediate EA access. The first patch adds kernel side support for four new inode hooks: - setxattr - getxattr - listxattr - removexattr $ diffstat ~/bk/lsm/lsm-2.5/2.5.3-xattr1.diff fs/xattr.c | 18 ++++++++++++++++++ include/linux/security.h | 23 ++++++++++++++++++++++- 2 files changed, 40 insertions, 1 deletion The second patch adds support module side for the new hooks. None of these hook implementations do anything besides "return 0;" $ diffstat ~/bk/lsm/lsm-2.5/2.5.3-xattr2.diff capability.c | 27 +++++++++++++++++++++++++++ dte/dte.c | 27 +++++++++++++++++++++++++++ dummy.c | 27 +++++++++++++++++++++++++++ owlsm.c | 27 +++++++++++++++++++++++++++ selinux/hooks.c | 24 ++++++++++++++++++++++++ 5 files changed, 132 insertions comments? we are due a 2.5.3 snapshot release and it might be nice to get this in first. thanks, -chris
This archive was generated by hypermail 2b30 : Mon Feb 04 2002 - 20:43:15 PST