Re: [RFC] vfs: security: Parse dev_name before calling security_sb_mount

> On Jul 11, 2025, at 2:36 AM, Christian Brauner <brauner@xxxxxxxxxx> wrote:
> 
> On Thu, Jul 10, 2025 at 05:00:18PM +0000, Song Liu wrote:
>> 
>> 
>>> On Jul 10, 2025, at 4:46 AM, Christian Brauner <brauner@xxxxxxxxxx> wrote:
>> 
>> [...]
>> 
>>>> Right now, we have security_sb_mount and security_move_mount, for 
>>>> syscall “mount” and “move_mount” respectively. This is confusing 
>>>> because we can also do move mount with syscall “mount”. How about 
>>>> we create 5 different security hooks:
>>>> 
>>>> security_bind_mount
>>>> security_new_mount
>>>> security_reconfigure_mount
>>>> security_remount
>>>> security_change_type_mount
>>>> 
>>>> and remove security_sb_mount. After this, we will have 6 hooks for
>>>> each type of mount (the 5 above plus security_move_mount).
>>> 
>>> I've multiple times pointed out that the current mount security hooks
>>> aren't working and basically everything in the new mount api is
>>> unsupervised from an LSM perspective.
>> 
>> To make sure I understand the comment. By “new mount api”, do you mean 
>> the code path under do_new_mount()?
> 
> fsopen()
> fsconfig()
> fsmount()
> open_tree()
> open_tree_attr()
> move_mount()
> statmount()
> listmount()
> 
> I think that's all.

Reading the code, I think we also need to cover fspick. 

Thanks,
Song
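The syscall sequence Christian lists above, as an added example that is not part of the thread: a small C program that creates and attaches a tmpfs purely through fsopen()/fsconfig()/fsmount()/move_mount(), so mount(2), and with it security_sb_mount(), is never reached. It assumes Linux 5.2+ kernel headers, runs in a fresh user and mount namespace so it works unprivileged where user namespaces are enabled, and the target path /tmp and the tmpfs options are constructed for the example.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <sched.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/syscall.h>
#include <linux/mount.h>

/* Fallback numbers: identical on x86_64 and asm-generic (arm64, riscv). */
#ifndef __NR_fsopen
#define __NR_move_mount 429
#define __NR_fsopen     430
#define __NR_fsconfig   431
#define __NR_fsmount    432
#endif

/*
 * Attach a 1 MiB tmpfs at `target` using only the new mount API.
 * Returns 0 on success or a negative errno from the step that failed.
 * mount(2) is never called, so an LSM that only implements
 * security_sb_mount() observes none of these steps.
 */
static int new_api_mount_tmpfs(const char *target)
{
    /* Fresh user+mount namespace: grants CAP_SYS_ADMIN there without root.
     * Fails with -EPERM/-EINVAL where user namespaces are disabled. */
    if (unshare(CLONE_NEWUSER | CLONE_NEWNS) < 0)
        return -errno;

    int fsfd = syscall(__NR_fsopen, "tmpfs", FSOPEN_CLOEXEC);   /* fs context */
    if (fsfd < 0)
        return -errno;
    if (syscall(__NR_fsconfig, fsfd, FSCONFIG_SET_STRING, "size", "1m", 0) < 0 ||
        syscall(__NR_fsconfig, fsfd, FSCONFIG_CMD_CREATE, NULL, NULL, 0) < 0) {
        int err = -errno; close(fsfd); return err;
    }
    int mfd = syscall(__NR_fsmount, fsfd, FSMOUNT_CLOEXEC, 0); /* detached mount */
    close(fsfd);
    if (mfd < 0)
        return -errno;
    /* Attach the detached mount at `target`; from_path is empty, so the mount fd
     * itself is the source. */
    int rc = syscall(__NR_move_mount, mfd, "", AT_FDCWD, target, MOVE_MOUNT_F_EMPTY_PATH);
    int err = rc < 0 ? -errno : 0;
    close(mfd);
    return err;
}

int main(void)
{
    int rc = new_api_mount_tmpfs("/tmp");
    if (rc)
        fprintf(stderr, "new mount API path failed: %s\n", strerror(-rc));
    else
        puts("tmpfs attached at /tmp without ever calling mount(2)");
    return rc ? 1 : 0;
}
```

Tracing this program with the audit subsystem or seccomp notifications shows that only the new-API syscalls fire, which is the coverage gap the thread discusses.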