[RFC PATCH] getvalues(2) prototype
Miklos Szeredi
miklos at szeredi.hu
Wed Mar 23 14:00:01 UTC 2022
On Wed, 23 Mar 2022 at 14:51, Casey Schaufler <casey at schaufler-ca.com> wrote:
> You also need a way to get a list off what attributes are available
> and/or a way to get all available attributes. Applications and especially
> libraries shouldn't have to guess what information is relevant. If the
> attributes change depending on the filesystem and/or LSM involved, and
> they do, how can a general purpose library function know what data to
> ask for?
Oh, yes. Even the current prototype does that:
# ~/getvalues / ""
[] = "mnt" "mntns" "xattr" "data" (len=21)
# ~/getvalues / "mnt"
[mnt] = "id" "parentid" "root" "mountpoint" "options" "shared"
"master" "propagate_from" "unbindable" (len=76)
# ~/getvalues / "mntns"
[mntns] = "21" "22" "24" "25" "23" "26" "27" "28" "29" "30" "31" "32" (len=36)
~/getvalues / "mntns:21"
[mntns:21] = "id" "parentid" "root" "mountpoint" "options" "shared"
"master" "propagate_from" "unbindable" (len=76)
I didn't implement enumeration for "data" and "xattr" but that is
certainly possible and not even difficult to do.
Thanks,
Miklos
More information about the Linux-security-module-archive
mailing list