Re: [PATCH 1/2] VFS/Security: Rework inode_getsecurity and callers to return resulting buffer

On Thu, 1 Nov 2007, David P. Quigley wrote:

> This patch modifies the interface to inode_getsecurity to have the function
> return a buffer containing the security blob and its length via parameters
> instead of relying on the calling function to give it an appropriately sized
> buffer. Security blobs obtained with this function should be freed using the
> release_secctx LSM hook. This alleviates the problem of the caller having to
> guess a length and preallocate a buffer for this function allowing it to be
> used elsewhere for Labeled NFS. The patch also removed the unused err
> parameter. The conversion is similar to the one performed by Al Viro for the
> security_getprocattr hook.
>
> Signed-off-by: David P. Quigley <dpquigl@tycho.nsa.gov>

Acked-by: James Morris <jmorris@namei.org> -- James Morris <jmorris@namei.org> - To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html

• This message: [ Message body ]
• Next message: Serge E. Hallyn: "Re: [PATCH 1/2] VFS/Security: Rework inode_getsecurity and callers to return resulting buffer"
• Previous message: James Morris: "Re: [PATCH 2/2] VFS: Reorder vfs_getxattr to avoid unnecessary calls to the LSM"
• In reply to: David P. Quigley: "[PATCH 1/2] VFS/Security: Rework inode_getsecurity and callers to return resulting buffer"
• Next in thread: Serge E. Hallyn: "Re: [PATCH 1/2] VFS/Security: Rework inode_getsecurity and callers to return resulting buffer"

• Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]