[PATCH v4] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing
David Howells
dhowells at redhat.com
Tue Aug 30 08:49:05 UTC 2022
Casey Schaufler <casey at schaufler-ca.com> wrote:
> The authors of this version of the mount code failed to look
> especially closely at how Smack maintains label names. Once a
> label name is used in the kernel it is kept on a list forever.
> All the copies of smk_known here and in the rest of the mount
> infrastructure are unnecessary and wasteful. The entire set of
> Smack hooks that deal with mounting need to be reworked to remove
> that waste. It's on my list of Smack cleanups, but I'd be happy
> if someone else wanted a go at it.
I don't have time to overhaul Smack right now. Should I drop the Smack part
of the patch?
David
More information about the Linux-security-module-archive
mailing list