[PATCH 10/32] tomoyo: Implement security hooks for the new mount API [ver #9]

Tetsuo Handa penguin-kernel at i-love.sakura.ne.jp
Tue Jul 10 23:34:19 UTC 2018


David Howells wrote:
> Implement the security hook to check the creation of a new mountpoint for
> Tomoyo.
> 
> As far as I can tell, Tomoyo doesn't make use of the mount data or parse
> any mount options, so I haven't implemented any of the fs_context hooks for
> it.
> 
> Signed-off-by: David Howells <dhowells at redhat.com>
> cc: Tetsuo Handa <penguin-kernel at I-love.SAKURA.ne.jp>
> cc: tomoyo-dev-en at lists.sourceforge.jp
> cc: linux-security-module at vger.kernel.org
> 

Would you provide examples of each possible combination as a C program?
For example, if one mount point from multiple sources with different
options are possible, please describe such pattern using syscall so that
LSM modules can run it to see whether they are working as expected.
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html



More information about the Linux-security-module-archive mailing list