From mboxrd@z Thu Jan 1 00:00:00 1970 From: Joel Becker Subject: Re: New reflink(2) syscall Date: Tue, 5 May 2009 12:15:30 -0700 Message-ID: <20090505191530.GJ7835@mail.oracle.com> References: <1241443016.3023.51.camel@localhost.localdomain> <1241456379.3023.173.camel@localhost.localdomain> <20090505180024.GI7835@mail.oracle.com> <1241548882.3023.356.camel@localhost.localdomain> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: James Morris , lsm , linux-fsdevel@vger.kernel.org To: Stephen Smalley Return-path: Content-Disposition: inline In-Reply-To: <1241548882.3023.356.camel@localhost.localdomain> Sender: linux-security-module-owner@vger.kernel.org List-Id: linux-fsdevel.vger.kernel.org On Tue, May 05, 2009 at 02:41:22PM -0400, Stephen Smalley wrote: > On Tue, 2009-05-05 at 11:00 -0700, Joel Becker wrote: > > On Mon, May 04, 2009 at 12:59:39PM -0400, Stephen Smalley wrote: > > > On Tue, 2009-05-05 at 01:35 +1000, James Morris wrote: > > > > Agreed, perhaps something like: > > > > > > > > int security_inode_reflink(struct dentry *dentry, struct inode *dir); > > > > > > I'd pass the same arguments as vfs_reflink(), i.e. old_dentry, dir, > > > new_dentry. > > > > I'm about to insert this bit. I agree with > > security_inode_reflink(old_dentry, dir, new_dentry), but I note that > > security_path_reflink() was proposed in another email, and I'm guessing > > I should add both? > > The TOMOYO folks said that calling security_path_link() would suffice > for their purposes. SELinux would want security_inode_reflink() from > vfs_reflink(). I've added both. I have no idea how to add the actual SELinux/TOMOYO bits, so I've just added the operations hook :-) Joel -- To spot the expert, pick the one who predicts the job will take the longest and cost the most. Joel Becker Principal Software Developer Oracle E-mail: joel.becker@oracle.com Phone: (650) 506-8127