[PATCH v5 2/7] lsm: introduce new hooks for setting/getting inode fsxattr
Paul Moore
paul at paul-moore.com
Fri May 23 08:26:05 AEST 2025
On May 13, 2025 Andrey Albershteyn <aalbersh at redhat.com> wrote:
>
> Introduce new hooks for setting and getting filesystem extended
> attributes on inode (FS_IOC_FSGETXATTR).
>
> Cc: selinux at vger.kernel.org
> Cc: Paul Moore <paul at paul-moore.com>
>
> Signed-off-by: Andrey Albershteyn <aalbersh at kernel.org>
> ---
> fs/file_attr.c | 19 ++++++++++++++++---
> include/linux/lsm_hook_defs.h | 2 ++
> include/linux/security.h | 16 ++++++++++++++++
> security/security.c | 30 ++++++++++++++++++++++++++++++
> 4 files changed, 64 insertions(+), 3 deletions(-)
The only thing that gives me a slight pause is that on a set operation
we are going to hit both the get and set LSM hooks, but since the code
does call into the getter on a set operation this is arguably the right
thing.
Acked-by: Paul Moore <paul at paul-moore.com>
--
paul-moore.com
More information about the Linuxppc-dev
mailing list