evm_inode_init_security and module stacking

Casey Schaufler casey at schaufler-ca.com
Sat Aug 19 00:14:22 UTC 2017


I'm looking at the code in evm_inode_init_security
and it looks like there's no way it could be taught
to deal with there being more than one security
attribute being controlled. This is because the
EVM data is stored in XATTR_EVM_SUFFIX, for which
there is only one per file. On a system with both
SELinux and Smack, there isn't a place to put the
EVM attribute for whichever module comes second.

Or, as has often been the case, am I missing something?

Thank you.



