Hi Tetsuo, On Tue, Mar 24, 2026 at 6:02 PM Tetsuo Handa <[email protected]> wrote: [...] > > > > If I understand Christian correctly, the main challenge here is that > > FS_REQUIRES_DEV doesn't imply fc->source is the path of a device. > > Correct. FS_REQUIRES_DEV no longer implies that fc->source is a pathname. > > > Changing this assumption is a major change between VFS and many > > filesystems. > > Wrong. I'm not trying to change this assumption. I'm trying to move LSM hook > to a location after fc->source was interpreted by individual filesystem.
After spending some more time on this, I think we should not add fc->source_path. This is because in many cases, dev_name for a new mount is not a dev, or a path. For example, I can create a btrfs raid0 volume on two devices, and use either of them as dev_name to mount the volume. It is not accurate to put the path of either device in fc->source_path. OTOH, if a LSM really wants to monitor the devices used by this mount, security_sb_kern_mount() is a better hook to use. This will require the LSM understands s_fs_info for specific file systems, which is not easy but necessary. For now, I think it makes sense to keep security_mount_new() in this set as-is, and let LSMs like tomoyo and apparmor call kern_path when necessary. Thanks, Song
