On Thu, Oct 29, 2015 at 4:21 PM, Stephen Smalley <s...@tycho.nsa.gov> wrote: > On 10/28/2015 08:47 PM, Andreas Gruenbacher wrote: >> >> When fetching an inode's security label, check if it is still valid, and >> try reloading it if it is not. Reloading will fail when we are in RCU >> context which doesn't allow sleeping, or when we can't find a dentry for >> the inode. (Reloading happens via iop->getxattr which takes a dentry >> parameter.) When reloading fails, continue using the old, invalid >> label. >> >> Signed-off-by: Andreas Gruenbacher <agrue...@redhat.com> > > > Could probably use inode_security_novalidate() for all of the SOCK_INODE() > cases, right?
I guess, yes. > Otherwise, > Acked-by: Stephen Smalley <s...@tycho.nsa.gov> Thanks, Andreas -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
