[PATCH v4] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing

David Howells dhowells at redhat.com
Tue Aug 30 08:49:05 UTC 2022


Casey Schaufler <casey at schaufler-ca.com> wrote:

> The authors of this version of the mount code failed to look
> especially closely at how Smack maintains label names. Once a
> label name is used in the kernel it is kept on a list forever.
> All the copies of smk_known here and in the rest of the mount
> infrastructure are unnecessary and wasteful. The entire set of
> Smack hooks that deal with mounting need to be reworked to remove
> that waste. It's on my list of Smack cleanups, but I'd be happy
> if someone else wanted a go at it.

I don't have time to overhaul Smack right now.  Should I drop the Smack part
of the patch?

David



More information about the Linux-security-module-archive mailing list