On Sun, 3 Jul 2005, Greg KH wrote: > Good idea. Here's a patch to do just that (compile tested only...) > > Comments?
Looks promising so far. I'm currently porting selinuxfs funtionality to securityfs, although I'm not sure if we'll be ok during early initialization. selinuxfs is currently kern_mounted via an initcall. We may need an initcall kern_mount() of securityfs before SELinux kicks in. Stephen: opinions on this? Otherwise, it looks like it'll allow SELinux to drop some code. Generally it will mean that other LSM components won't have to create their own filesystems, and their subdirectories will be hanging off /security (or wherever selinuxfs is mounted), rather than scattered across / Some of the SELinux code may be useful as part of securityfs later, as well. > +struct dentry *securityfs_create_file(const char *name, mode_t mode, > + struct dentry *parent, void *data, > + struct file_operations *fops) > +{ > + struct dentry *dentry = NULL; > + int error; > + > + pr_debug("securityfs: creating file '%s'\n",name); > + > + error = simple_pin_fs("securityfs", &mount, &mount_count); > + if (error) > + goto exit; > + > + error = create_by_name(name, mode, parent, &dentry); > + if (error) { > + dentry = NULL; > + goto exit; > + } > + > + if (dentry->d_inode) { > + if (data) > + dentry->d_inode->u.generic_ip = data; > + if (fops) > + dentry->d_inode->i_fop = fops; > + } > +exit: > + return dentry; > +} > +EXPORT_SYMBOL_GPL(securityfs_create_file); How about having all API functions which return a pointer be converted to use ERR_PTR() ? This will allow errors to be propagated to the calling code. - James -- James Morris <[EMAIL PROTECTED]> - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/