I must say I personally prefer the apparmor approach. But I'd recommend
you get together and get this piece pushed on its own, whichever version
you can agree on. Yes it needs a user, but at this point I would think
both tomoyo and apparmor have had enough visibility that everyone knows
the intended users.
It seems to me you're both being held up by this piece, and getting
another full posting of either tomoyo or apparmor isn't going to help,
so hopefully you can combine your efforts to get this solved.
thanks,
-serge
Quoting Kentaro Takeda ([EMAIL PROTECTED]):
> This patch allows VFS wrapper functions associate "struct vfsmount"
> with "struct task_struct" so that LSM hooks can calculate
> pathname of given "struct dentry".
>
> Signed-off-by: Tetsuo Handa <[EMAIL PROTECTED]>
> ---
> include/linux/init_task.h | 1 +
> include/linux/sched.h | 2 ++
> 2 files changed, 3 insertions(+)
>
> --- linux-2.6-mm.orig/include/linux/init_task.h
> +++ linux-2.6-mm/include/linux/init_task.h
> @@ -187,6 +187,7 @@ extern struct group_info init_groups;
> .dirties = INIT_PROP_LOCAL_SINGLE(dirties), \
> INIT_TRACE_IRQFLAGS \
> INIT_LOCKDEP \
> + .last_vfsmount = NULL, \
> }
>
>
> --- linux-2.6-mm.orig/include/linux/sched.h
> +++ linux-2.6-mm/include/linux/sched.h
> @@ -1238,6 +1238,8 @@ struct task_struct {
> int make_it_fail;
> #endif
> struct prop_local_single dirties;
> + /* vfsmount info for LSM hooks. */
> + struct vfsmount *last_vfsmount;
> };
>
> /*
>
> --
> -
> To unsubscribe from this list: send the line "unsubscribe
> linux-security-module" in
> the body of a message to [EMAIL PROTECTED]
> More majordomo info at http://vger.kernel.org/majordomo-info.html
-
To unsubscribe from this list: send the line "unsubscribe
linux-security-module" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
