From mboxrd@z Thu Jan 1 00:00:00 1970
From: Christoph Hellwig
Subject: Re: [RFC][PATCH 2/3] ext2: Enable atomic inode security labeling
Date: Tue, 12 Jul 2005 03:29:54 +0100
Message-ID: <20050712022954.GD26128@infradead.org>
References: <1120829121.19035.45.camel@moss-spartans.epoch.ncsc.mil>
	<1120830914.19035.62.camel@moss-spartans.epoch.ncsc.mil>
	<20050710233927.GA1301@infradead.org>
	<1121086382.12334.14.camel@moss-spartans.epoch.ncsc.mil>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: Christoph Hellwig, linuxfs, Alexander Viro,
	Ext2-devel@lists.sourceforge.net, Andreas Gruenbacher, Andreas Dilger,
	Andrew Morton, Stephen Tweedie, James Morris, Chris Wright
Return-path:
Received: from pentafluge.infradead.org ([213.146.154.40]:46733 "EHLO
	pentafluge.infradead.org") by vger.kernel.org with ESMTP
	id S261776AbVGLC37 (ORCPT ); Mon, 11 Jul 2005 22:29:59 -0400
To: Stephen Smalley
Content-Disposition: inline
In-Reply-To: <1121086382.12334.14.camel@moss-spartans.epoch.ncsc.mil>
Sender: linux-fsdevel-owner@vger.kernel.org
List-Id: linux-fsdevel.vger.kernel.org

On Mon, Jul 11, 2005 at 08:53:02AM -0400, Stephen Smalley wrote:
> > Please set the xattr from security_inode_init_security by using ->setxattr, that
> > way we don't need to duplicate this code everywhere.
>
> That doesn't allow us to ensure that the setting of the xattr occurs in
> the same transaction as the create (in the ext3 case, doesn't matter for
> ext2), so you can still have a crash and leave an unlabeled file around.
> Just followed the example of the ACL code here, except that it doesn't
> need to call to a security module to determine the ACL of the new inode.

Makes sense.  As unfortunate as the code duplication is, we'll have to live
with it, it seems.