mirror of
https://github.com/torvalds/linux.git
synced 2024-11-24 21:21:41 +00:00
1cda52f1b4
Currently, fsnotify_open_perm() is called from security_file_open(). This is a a bit unexpected and creates otherwise unnecessary dependency of CONFIG_FANOTIFY_ACCESS_PERMISSIONS on CONFIG_SECURITY. Fix this by calling fsnotify_open_perm() directly. Signed-off-by: Song Liu <song@kernel.org> Acked-by: Paul Moore <paul@paul-moore.com> Signed-off-by: Jan Kara <jack@suse.cz> Link: https://patch.msgid.link/20241013002248.3984442-1-song@kernel.org
27 lines
876 B
Plaintext
27 lines
876 B
Plaintext
# SPDX-License-Identifier: GPL-2.0-only
|
|
config FANOTIFY
|
|
bool "Filesystem wide access notification"
|
|
select FSNOTIFY
|
|
select EXPORTFS
|
|
default n
|
|
help
|
|
Say Y here to enable fanotify support. fanotify is a file access
|
|
notification system which differs from inotify in that it sends
|
|
an open file descriptor to the userspace listener along with
|
|
the event.
|
|
|
|
If unsure, say Y.
|
|
|
|
config FANOTIFY_ACCESS_PERMISSIONS
|
|
bool "fanotify permissions checking"
|
|
depends on FANOTIFY
|
|
default n
|
|
help
|
|
Say Y here is you want fanotify listeners to be able to make permissions
|
|
decisions concerning filesystem events. This is used by some fanotify
|
|
listeners which need to scan files before allowing the system access to
|
|
use those files. This is used by some anti-malware vendors and by some
|
|
hierarchical storage management systems.
|
|
|
|
If unsure, say N.
|