Question about inode security blob

Fan Wu wufan at
Tue Jan 12 00:56:09 UTC 2021


I'm trying to learn the security blob infrastructure for my future LSM 

Unlike other blobs, I found inode security blob has a special pattern. I 
couldn’t find useful information on the web so I think this mail list is 
the most appropriate place to ask this question.

The BPF and SELinux will check whether the inode->i_security is NULL 
before use

But for smack, it doesn't do such a check
Is this because smack_set_mnt_opts() already does the NULL check at 

Also, I wonder in which situation will the inode->i_security be NULL?

Thanks, and I hope I could make my contributions to LSM soon.


More information about the Linux-security-module-archive mailing list