John Johansen wrote: >On Tue, Nov 22, 2005 at 01:06:17PM +0800, Hawk Xu wrote: > > >>Hi! >> >>I use inode_alloc_security() hook to alloate space for security >>attributes of inodes. But I found that for the i_security field is >>still NULL for: >> >>1. all files (the security LSM is loaded manually after system boot) >>2. all files created after system boot (the security LSM is loaded >>during system boot) >> >>It seems that the inode_alloc_security() hook is not always called. And >>in my inode_post_setxattr() hook, I have to check that the i_security >>field is non-NULL before setting security attributes for the inode. Any >>idea to avoid this? >> >> >> >the i_security field is NULL for all files that are created before your >security module is loaded because the dummy inode_alloc_security hook is >called until your module has registered it security fn hooks. The only way to >avoid this is build your module as part of the kernel (ie. not a loadable >module), look at the selinux code for an exmaple of how to do this. > > I think that your explanation doesn't explain my `2' (i_security is NULL for all files created after the LSM is loaded), what do you think? -- Best regards, Hawk Xu, M.S.C.S. h.xu `echo "ta"|rev` 163 `echo "tod"|rev` com
This archive was generated by hypermail 2.1.3 : Mon Nov 21 2005 - 22:09:56 PST