[PATCH 1/2] [lsm] introduce a new hook to query LSM for functionality
James Morris
jmorris at namei.org
Sat Nov 7 01:33:11 UTC 2020
On Thu, 5 Nov 2020, Olga Kornievskaia wrote:
> From: Olga Kornievskaia <kolga at netapp.com>
>
> Add a new hook func_query_vfs to query an LSM module (such as
> SELinux) with the intention of finding whether or not it is enabled
> or perhaps supports some functionality.
>
> NFS stores security labels for file system objects and SElinux
> or any other LSM module can query those objects. But it's
> wasteful to do so when no security enforcement is taking place.
> Using a new API call of security_func_query_vfs() and asking if
Seems we lost something here.
--
James Morris
<jmorris at namei.org>
More information about the Linux-security-module-archive
mailing list