On Thu, Jul 14, 2005 at 03:29:37PM -0400, Stephen Smalley wrote: > This patch removes the inode_post_create/mkdir/mknod/symlink LSM hooks > as they are obsoleted by the new inode_init_security hook that enables > atomic inode security labeling. If anyone sees any reason to retain these hooks, > please speak now. Also, is anyone using the post_rename/link hooks; if not, > those could also be removed. > The new inode_init_security hook doesn't receive the dentry information that the inode_post_create/mkdir/mknod/symlink LSM hooks receive. This is a problem for subdomain because we rely on dentry information. also the inode_init_security hook forces labeling through xattrs, where the inode_post_create/mkdir/mknod/symlink hooks all labeling through files, which allows for fallback support on filesystem that don't support xattrs. Of course it looks like this issue might go away with the the Generic fallback patch that was posted this morning (sorry I haven't had time todo anything more than skim it). jj
This archive was generated by hypermail 2.1.3 : Fri Jul 15 2005 - 13:54:55 PDT