[Kernel-packages] [Bug 1295948] Re: mako kernel doesn't support xattrs in the security namespace

Fri, 21 Mar 2014 21:56:23 -0700 

Status changed to 'Confirmed' because the bug affects multiple users.

** Changed in: linux (Ubuntu)
       Status: New => Confirmed

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1295948

Title:
  mako kernel doesn't support xattrs in the security namespace

Status in “linux” package in Ubuntu:
  Confirmed

Bug description:
  Attempting on a mako device to setfattr on a file with the security
  namespace fails with EOPNOTSUPP:

    $ sudo setfattr  -h -n security.sdtest -v hello testfile
    setfattr: testfile: Operation not supported

  but the 'trusted' and 'user' namespaces work properly:

    $ sudo setfattr  -h -n user.sdtest -v hello testfile
    $ sudo getfattr  -h -n user.sdtest  testfile
    # file: testfile
    user.sdtest="hello"

  strace'ing the setfaddr command shows the following:

    lsetxattr("testfile", "security.sdtest", "hello", 5, 0) = -1
  EOPNOTSUPP (Operation not supported)

  This is not the case for other kernels based off an android kernel.
  e.g. it works fine on a grouper device.

  $ uname -a
  Linux ubuntu-phablet 3.4.0-5-mako #26-Ubuntu SMP PREEMPT Tue Feb 25 19:23:05 
UTC 2014 armv7l armv7l armv7l GNU/Linux

  Steps to reproduce:

    $ dd if=/dev/zero of=test.img bs=4096 count=4096
    4096+0 records in
    4096+0 records out
    16777216 bytes (17 MB) copied, 0.181383 s, 92.5 MB/s
    $ mkfs.ext3 -q -F test.img
    $ mkdir mountpoint
    $ sudo mount -o loop,user_xattr test.img mountpoint
    [sudo] password for phablet:
    $ mount | grep mountpoint
    /home/phablet/test.img on /home/phablet/mountpoint type ext3 
(rw,relatime,errors=continue,user_xattr,barrier=1,data=writeback)
    $ cd mountpoint/
    $ sudo touch testfile
    $ sudo setfattr  -h -n security.sdtest -v hello testfile   # this command 
fails on mako, not on grouper
    setfattr: testfile: Operation not supported
    $ sudo setfattr  -h -n trusted.sdtest -v hello testfile
    $ sudo getfattr  -h -n trusted.sdtest  testfile
    # file: testfile
    trusted.sdtest="hello"

  It fails regardless of whether the filesystem is ext3 or ext4.

  (There are apparmor tests that exercise this functionality, which is
  how it was noticed.)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1295948/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to