summaryrefslogtreecommitdiff
path: root/include
diff options
context:
space:
mode:
authorCasey Schaufler <casey@schaufler-ca.com>2016-06-01 03:24:15 +0300
committerJames Morris <james.l.morris@oracle.com>2016-06-06 12:59:18 +0300
commit2885c1e3e0c29e4a1915214ddc9673925f538299 (patch)
treeb7529a81d1580fe37dae577530a1cbc4e52bd86c /include
parent39baa7e6add5062bebf7cf1bdf6ecb4f380386bc (diff)
downloadlinux-2885c1e3e0c29e4a1915214ddc9673925f538299.tar.xz
LSM: Fix for security_inode_getsecurity and -EOPNOTSUPP
Serge Hallyn pointed out that the current implementation of security_inode_getsecurity() works if there is only one hook provided for it, but will fail if there is more than one and the attribute requested isn't supplied by the first module. This isn't a problem today, since only SELinux and Smack provide this hook and there is (currently) no way to enable both of those modules at the same time. Serge, however, wants to introduce a capability attribute and an inode_getsecurity hook in the capability security module to handle it. This addresses that upcoming problem, will be required for "extreme stacking" and is just a better implementation. Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Acked-by: Serge Hallyn <serge@hallyn.com> Signed-off-by: James Morris <james.l.morris@oracle.com>
Diffstat (limited to 'include')
0 files changed, 0 insertions, 0 deletions