[PATCH v3 6/7] tomoyo: Convert from sb_mount to granular mount hooks

Paul Moore paul at paul-moore.com
Mon May 11 19:52:51 UTC 2026


On May  8, 2026 Song Liu <song at kernel.org> wrote:
> 
> Replace tomoyo_sb_mount() with granular mount hooks. Each hook
> reconstructs the MS_* flags expected by tomoyo_mount_permission()
> using the original flags parameter where available.
> 
> Key changes:
> - mount_bind: passes the pre-resolved source path to
>   tomoyo_mount_acl() via a new dev_path parameter, instead of
>   re-resolving dev_name via kern_path(). This eliminates a TOCTOU
>   vulnerability.
> - mount_new, mount_remount, mount_reconfigure: use the original
>   mount(2) flags for policy matching.
> - mount_move: passes pre-resolved paths for both source and
>   destination.
> - mount_change_type: passes raw ms_flags directly.
> 
> Also removes the unused data_page parameter from
> tomoyo_mount_permission().
> 
> Code generated with the assistance of Claude, reviewed by human.
> 
> Signed-off-by: Song Liu <song at kernel.org>
> ---
>  security/tomoyo/common.h |  2 +-
>  security/tomoyo/mount.c  | 31 +++++++++++++-------
>  security/tomoyo/tomoyo.c | 63 ++++++++++++++++++++++++++++++----------
>  3 files changed, 70 insertions(+), 26 deletions(-)

Tetsuo, I know you had several comments on an earlier revision.  Can you
either ACK this or let Song know what changes you require?

--
paul-moore.com


