Re: [PATCH v3 5/7] security: Add hook to invalidate inode security labels

2015-10-27 Thread James Morris
On Mon, 26 Oct 2015, Andreas Gruenbacher wrote: > Add a hook to invalidate an inode's security label when the cached > information becomes invalid. > > Implement the new hook in selinux: set a flag when a security label becomes > invalid. When hitting a security label which has been marked as in

Re: [PATCH v3 5/7] security: Add hook to invalidate inode security labels

2015-10-27 Thread James Morris
On Mon, 26 Oct 2015, Andreas Gruenbacher wrote: > Add a hook to invalidate an inode's security label when the cached > information becomes invalid. > > Implement the new hook in selinux: set a flag when a security label becomes > invalid. When hitting a security label which has been marked as in

[PATCH v3 5/7] security: Add hook to invalidate inode security labels

2015-10-26 Thread Andreas Gruenbacher
Add a hook to invalidate an inode's security label when the cached information becomes invalid. Implement the new hook in selinux: set a flag when a security label becomes invalid. When hitting a security label which has been marked as invalid in inode_has_perm, try reloading the label. If an in