Hi,
I could do with some help in making AppArmor work with the new mount API:
https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/log/?h=mount-context
For starters, all the security mount hooks have changed to take a context
parameter. The options are parsed individua
Hi John,
I've been having a look at making AppArmor work with the new mount API, the
basic infrastructure for which can be found here:
https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/log/?h=mount-context
but this doesn't work for AppArmor. Unfortunately, I've come
John Johansen wrote:
> I am not sure which is the quickest approach to get apparmor out of
> the way for the new mount API.
For the moment, the attached patch compiles. It will need folding into the
main patch. I've pushed my tree out to:
git://git.kernel.org/pub/scm/linux/kernel/git/
-by: David Howells
cc: John Johansen
cc: apparmor@lists.ubuntu.com
cc: linux-security-mod...@vger.kernel.org
---
security/apparmor/include/mount.h | 11 +
security/apparmor/lsm.c | 80 +
security/apparmor/mount.c | 46
John Johansen wrote:
> this looks good, and has pasted the testing that I have done so far. I
> have started on the work that will allow us to reorder the match but
> it's not ready yet and shouldn't hold this up.
Excellent, thanks!
One thing to consider: Kent Overstreet mentioned the possibilit
-by: David Howells
Acked-by: John Johansen
cc: apparmor@lists.ubuntu.com
cc: linux-security-mod...@vger.kernel.org
---
security/apparmor/include/mount.h | 11 +
security/apparmor/lsm.c | 80 +
security/apparmor/mount.c | 46
dation hook to be called at the same time as the mount context
validate op.
The patches can be found here also:
https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git
on branch:
mount-api
David
---
Al Viro (2):
vfs: syscall: Add open_tree(2) to reference or
-by: David Howells
Acked-by: John Johansen
cc: apparmor@lists.ubuntu.com
cc: linux-security-mod...@vger.kernel.org
---
security/apparmor/include/mount.h | 11 +++-
security/apparmor/lsm.c | 107 +
security/apparmor/mount.c | 46
validate op.
The patches can be found here also:
https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git
tagged as:
mount-api-20180801
on branch:
mount-api
David
---
Al Viro (2):
vfs: syscall: Add open_tree(2) to reference or clone a mount
Eric W. Biederman wrote:
> There is a serious problem with mount options today that fsopen does not
> address. The problem is that mount options are ignored for block based
> filesystems, and any other type of filesystem that follows the same
> pattern.
Yes. Since you *absolutely* *insist* on
Theodore Y. Ts'o wrote:
> Even *with* file system support, there's no way today for the VFS to
> keep track of whether a pathname resolution came through one
> mountpoint or another, so I can't do something like this:
Ummm... Isn't that encoded in the vfsmount pointer in struct path?
However,
Andy Lutomirski wrote:
> > /dev/loop0 /root/loop0-noacl-noquota-nouser_xattr ext4
> > rw,relatime,nouser_xattr,noacl 0 0
> > /dev/loop0 /root/loop0-acl-quota-user_xattr ext4
> > rw,relatime,nouser_xattr,noacl 0 0
>
> To make sure I understand correctly: the problem is that the second mount
> i
Casey Schaufler wrote:
> > P.S. And as Al has pointed out, this would require special, per-file
> > system support to determine whether the mount options are conflicting
> > or not
>
> This extends to LSMs that support mount options (SELinux and Smack)
> as well.
Yes. I'm doing that.
Da
Eric W. Biederman wrote:
> > Yes, I agree it would be nice to have, but it *doesn't* really need
> > supporting right this minute, since what I have now oughtn't to break the
> > current behaviour.
>
> I am really reluctant to endorse anything that propagates the issues of
> the current interfac
the error message be moved to task_struct and made more
general, perhaps retrieved with a prctl() function?
(*) Clean up/consolidate the security functions. Possibly add a
validation hook to be called at the same time as the mount context
validate op.
The patches can be foun
Signed-off-by: David Howells
cc: John Johansen
cc: apparmor@lists.ubuntu.com
cc: linux-security-mod...@vger.kernel.org
---
security/apparmor/apparmorfs.c | 20 +++-
1 file changed, 15 insertions(+), 5 deletions(-)
diff --git a/security/apparmor/apparmorfs.c b/security
be found here also:
https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git
on branch:
mount-api-viro
David
---
David Howells (38):
vfs: Provide sb->s_iflags settings in fs_context struct
vfs: Provide a mount_pseudo-replacement for fs_context
vfs
.
nverts a slew of filesystems to use the mount API.
(9) Fixes a bug in hypfs.
The patches can be found here also:
https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git
on branch:
mount-api-viro
David
---
Andrew Price (1):
gfs2: Convert gfs2 to fs_context
The size argument to ->sendmsg() ought to be redundant as the same
information should be conveyed by msg->msg_iter.count as returned by
msg_data_left().
Signed-off-by: David Howells
cc: Eric Dumazet
cc: "David S. Miller"
cc: Jakub Kicinski
cc: Paolo Abeni
cc: net...@vg
Jeff Layton wrote:
> Correct. We'd lose some fidelity in currently stored timestamps, but as
> Linus and Ted pointed out, anything below ~100ns granularity is
> effectively just noise, as that's the floor overhead for calling into
> the kernel. It's hard to argue that any application needs that
Jann Horn wrote:
> Rewrite keyctl_session_to_parent() to run task work on the parent
> synchronously, so that any errors that happen in the task work can be
> plumbed back into the syscall return value in the child.
The main thing I worry about is if there's a way to deadlock the child and the
p