search for: lsm_find_xattr_slot

Displaying 3 results from an estimated 3 matches for "lsm_find_xattr_slot".

2023 Mar 28
1
[PATCH v8 4/6] security: Allow all LSMs to provide xattrs for inode_init_security hook
...39;t make some minor changes to the > > LSMs to avoid the compaction step. > > I liked more the idea that LSMs do what they are most familiar with, > get an offset in a security blob or, in this case, a starting slot in > the new_xattrs array, and write there. > > v3 had the lsm_find_xattr_slot() helper, to get the starting slot, but > somehow I find it less intuitive. > > Ok, if you prefer to avoid the compaction stage, I will rewrite this > patch. My concern is having to look through the xattr array after each LSM has been run and in at least one case having to then do a me...
2023 Mar 14
7
[PATCH v8 0/6] evm: Do HMAC of multiple per LSM xattrs for new inodes
...d_xattrs (suggested by Mimi) v3: - Don't free the xattr name in reiserfs_security_free() - Don't include fs_data parameter in inode_init_security hook - Don't change evm_inode_init_security(), as it will be removed if EVM is stacked - Fix inode_init_security hook documentation - Drop lsm_find_xattr_slot(), use simple xattr reservation mechanism and introduce security_check_compact_xattrs() to compact the xattr array - Don't allocate xattr array if LSMs didn't reserve any xattr - Return zero if initxattrs() is not provided to security_inode_init_security(), -EOPNOTSUPP if value is not p...
2022 Dec 01
8
[PATCH v7 0/6] evm: Do HMAC of multiple per LSM xattrs for new inodes
...d_xattrs (suggested by Mimi) v3: - Don't free the xattr name in reiserfs_security_free() - Don't include fs_data parameter in inode_init_security hook - Don't change evm_inode_init_security(), as it will be removed if EVM is stacked - Fix inode_init_security hook documentation - Drop lsm_find_xattr_slot(), use simple xattr reservation mechanism and introduce security_check_compact_xattrs() to compact the xattr array - Don't allocate xattr array if LSMs didn't reserve any xattr - Return zero if initxattrs() is not provided to security_inode_init_security(), -EOPNOTSUPP if value is not p...