Sigh, and with the introductory text attached.

This post is a request for discussion on creating a second minimal nameidata struct to eliminate conditionally passing of vfsmounts to the LSM. It contains a series of patches that apply on top of the AppArmor patch series. A previous version of these patches was posted by Andreas Gruenbacher on April 16, and the issues raised then have been addressed.

To remove conditionally passing of vfsmounts to the LSM, a nameidata struct can be instantiated in the nfsd and mqueue filesystems. This however results in useless information being passed down, as not all fields in the nameidata struct will be meaningful.

The nameidata struct is split, creating struct nameidata2 that contains only the fields that will carry meaningful information.

The creation of the nameidata2 struct raises the possibility of replacing the current dentry, vfsmount argument pairs in the vfs and lsm patches with a single nameidata2 argument, although these patches do not currently do this.

A tarball of these patches and the AppArmor kernel patches are available at:

http://forgeftp.novell.com//apparmor/LKML_Submission-May_07/