From mboxrd@z Thu Jan  1 00:00:00 1970
From: Christoph Hellwig <hch@infradead.org>
Subject: Re: [PATCH] vfs: new FROM_ACCESS flag
Date: Tue, 22 Sep 2009 09:56:12 -0400
Message-ID: <20090922135612.GA17769@infradead.org>
References: <20090921013048.2763.1494.stgit@paris.rdu.redhat.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org,
	viro@zeniv.linux.org.uk, hch@infradead.org
To: Eric Paris <eparis@redhat.com>
Return-path: <linux-kernel-owner+glk-linux-kernel-3=40m.gmane.org-S1756539AbZIVN4K@vger.kernel.org>
Content-Disposition: inline
In-Reply-To: <20090921013048.2763.1494.stgit@paris.rdu.redhat.com>
Sender: linux-kernel-owner@vger.kernel.org
List-Id: linux-fsdevel.vger.kernel.org

On Sun, Sep 20, 2009 at 09:30:48PM -0400, Eric Paris wrote:
> This new acc_mode flag is just to tell the security system this inode
> permission check is from the access system call.  The security system can
> use this information as it finds appropriete.  In particular SELinux plans to
> use this flag to alter what we choose to audit and what we do not choose to
> audit.

I think you're better off splitting the existing MAY_ACCESS flag and
only using MAY_ACCESS for calles from access() insteaf of introducing
a FROM_ACCESS flag and causing lots of naming confusion.