linux_dsm_epyc7002/security
Stephen Smalley 570bc1c2e5 [PATCH] tmpfs: Enable atomic inode security labeling
This patch modifies tmpfs to call the inode_init_security LSM hook to set
up the incore inode security state for new inodes before the inode becomes
accessible via the dcache.

As there is no underlying storage of security xattrs in this case, it is
not necessary for the hook to return the (name, value, len) triple to the
tmpfs code, so this patch also modifies the SELinux hook function to
correctly handle the case where the (name, value, len) pointers are NULL.

The hook call is needed in tmpfs in order to support proper security
labeling of tmpfs inodes (e.g.  for udev with tmpfs /dev in Fedora).  With
this change in place, we should then be able to remove the
security_inode_post_create/mkdir/...  hooks safely.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Cc: Hugh Dickins <hugh@veritas.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-09-09 13:57:28 -07:00
..
keys [PATCH] Destruction of failed keyring oopses 2005-08-04 13:11:14 -07:00
selinux [PATCH] tmpfs: Enable atomic inode security labeling 2005-09-09 13:57:28 -07:00
capability.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
commoncap.c [PATCH] setuid core dump 2005-06-23 09:45:26 -07:00
dummy.c [PATCH] security: enable atomic inode security labeling 2005-09-09 13:57:27 -07:00
Kconfig Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
Makefile Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
root_plug.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
seclvl.c [CRYPTO]: Use CRYPTO_TFM_REQ_MAY_SLEEP where appropriate 2005-09-01 17:43:25 -07:00
security.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00