1 files changed, 13 insertions, 0 deletions

diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h
index a240a3fc5fc4..f7e55d0d2672 100644
--- a/include/linux/lsm_hooks.h
+++ b/include/linux/lsm_hooks.h
@@ -445,6 +445,15 @@
  *      to abort the copy up. Note that the caller is responsible for reading
  *      and writing the xattrs as this hook is merely a filter.
  *
+ * Security hooks for kernfs node operations
+ *
+ * @kernfs_init_security:
+ *      Initialize the security context of a newly created kernfs node based
+ *      on its own and its parent's attributes.
+ *
+ *      @kn_dir the parent kernfs node
+ *      @kn the new child kernfs node
+ *
  * Security hooks for file operations
  *
  * @file_permission:
@@ -1570,6 +1579,9 @@ union security_list_options {
         int (*inode_copy_up)(struct dentry *src, struct cred **new);
         int (*inode_copy_up_xattr)(const char *name);
 
+        int (*kernfs_init_security)(struct kernfs_node *kn_dir,
+                                    struct kernfs_node *kn);
+
         int (*file_permission)(struct file *file, int mask);
         int (*file_alloc_security)(struct file *file);
         void (*file_free_security)(struct file *file);
@@ -1871,6 +1883,7 @@ struct security_hook_heads {
         struct hlist_head inode_getsecid;
         struct hlist_head inode_copy_up;
         struct hlist_head inode_copy_up_xattr;
+        struct hlist_head kernfs_init_security;
         struct hlist_head file_permission;
         struct hlist_head file_alloc_security;
         struct hlist_head file_free_security;