On Tue, Dec 18, 2018 at 02:48:58PM +1100, Stephen Rothwell wrote:
> Hi Paul,
>
> Today's linux-next merge of the selinux tree got a conflict in:
>
> security/selinux/hooks.c
>
> between commit:
>
> 2b8073b14c19 ("LSM: split ->sb_set_mnt_opts() out of ->sb_kern_mount()")
>
> from the vfs tr
Hi Paul,
Today's linux-next merge of the selinux tree got a conflict in:
security/selinux/hooks.c
between commit:
2b8073b14c19 ("LSM: split ->sb_set_mnt_opts() out of ->sb_kern_mount()")
from the vfs tree and commit:
2cbdcb882f97 ("selinux: always allow mounting submounts")
from the se
On 12/5/2018 8:16 AM, Al Viro wrote:
> On Wed, Dec 05, 2018 at 10:37:56AM +0100, Ondrej Mosnacek wrote:
>
>> I just tested the Q28 branch rebased onto a recent Fedora rawhide
>> kernel (4.20.0-0.rc5.git0.1) and that code seems to be working fine.
Not so good with Smack.
# mount -t tmpfs -
On Wed, Dec 05, 2018 at 10:37:56AM +0100, Ondrej Mosnacek wrote:
> I just tested the Q28 branch rebased onto a recent Fedora rawhide
> kernel (4.20.0-0.rc5.git0.1) and that code seems to be working fine.
> The submount test failed with Q28 and succeeds with Q28+fix, as
> expected. Also, the overla
On Mon, Dec 3, 2018 at 10:56 PM Al Viro wrote:
> On Mon, Dec 03, 2018 at 11:12:59AM +0100, Ondrej Mosnacek wrote:
>
> > I think I figured out what's the problem. NFS still creates the
> > submount via the old vfs_submount() call, which calls
> > vfs_kern_mount(), which creates an fs_context with
>
On Mon, Dec 03, 2018 at 11:12:59AM +0100, Ondrej Mosnacek wrote:
> I think I figured out what's the problem. NFS still creates the
> submount via the old vfs_submount() call, which calls
> vfs_kern_mount(), which creates an fs_context with
> FS_CONTEXT_FOR_USER_MOUNT because FS_CONTEXT_FOR_SUBMOUN
On Sun, Dec 2, 2018 at 10:13 AM Ondrej Mosnacek wrote:
> On Sat, Dec 1, 2018 at 10:32 PM Ondrej Mosnacek wrote:
> > On Thu, Nov 29, 2018 at 11:07 AM Ondrej Mosnacek
> > wrote:
> > > On Wed, Nov 28, 2018 at 10:52 PM Paul Moore wrote:
> > > > On Tue, Nov 27, 2018 at 6:50 AM Stephen Rothwell
> >
On Sat, Dec 1, 2018 at 10:32 PM Ondrej Mosnacek wrote:
> On Thu, Nov 29, 2018 at 11:07 AM Ondrej Mosnacek wrote:
> > On Wed, Nov 28, 2018 at 10:52 PM Paul Moore wrote:
> > > On Tue, Nov 27, 2018 at 6:50 AM Stephen Rothwell
> > > wrote:
> > > > Hi Ondrej,
> > > >
> > > > On Tue, 27 Nov 2018 09:
On Thu, Nov 29, 2018 at 11:07 AM Ondrej Mosnacek wrote:
> On Wed, Nov 28, 2018 at 10:52 PM Paul Moore wrote:
> > On Tue, Nov 27, 2018 at 6:50 AM Stephen Rothwell
> > wrote:
> > > Hi Ondrej,
> > >
> > > On Tue, 27 Nov 2018 09:53:32 +0100 Ondrej Mosnacek
> > > wrote:
> > > >
> > > > Hm... seems
On Fri, Nov 30, 2018 at 4:10 PM David Howells wrote:
> Ondrej Mosnacek wrote:
>
> > - if (fc->purpose == FS_CONTEXT_FOR_KERNEL_MOUNT)
> > + if (fc->purpose == (FS_CONTEXT_FOR_KERNEL_MOUNT|FS_CONTEXT_FOR_SUBMOUNT))
>
> It's not a bitmask, so you can't do that. You'd need to do:
>
> if (fc
Ondrej Mosnacek wrote:
> - if (fc->purpose == FS_CONTEXT_FOR_KERNEL_MOUNT)
> + if (fc->purpose == (FS_CONTEXT_FOR_KERNEL_MOUNT|FS_CONTEXT_FOR_SUBMOUNT))
It's not a bitmask, so you can't do that. You'd need to do:
if (fc->purpose == FS_CONTEXT_FOR_KERNEL_MOUNT ||
fc->purpose
On Fri, Nov 30, 2018 at 01:27:07AM +, Al Viro wrote:
> And then there's sb_mount, with 3 instances and arseloads of
> races in 2 out of 3.
PS: the 3rd one (in selinux) is, AFAICS, TOCTOU-free, because
it ignores everything except the mountpoint, which is already
looked up by the caller. No i
On Thu, Nov 29, 2018 at 04:57:20PM -0800, Casey Schaufler wrote:
> > Question: what *should* happen if we try to cross into a submount and find
> > that the thing on the other side is already mounted elsewhere, with
> > incompatible
> > LSM options? Ditto for referrals, with an extra twist - wha
On 11/29/2018 3:51 PM, Al Viro wrote:
I've added linux-security-module to the CC list.
> On Thu, Nov 29, 2018 at 05:23:24PM -0500, Paul Moore wrote:
>
>>> OK, I will verify that the SELinux submount fix rebased on top of
>>> vfs/work.mount in the way I suggested above passes the same testing
>>>
On Thu, Nov 29, 2018 at 05:23:24PM -0500, Paul Moore wrote:
> > OK, I will verify that the SELinux submount fix rebased on top of
> > vfs/work.mount in the way I suggested above passes the same testing
> > (seliinux-testsuite + NFS crossmnt reproducer). I am now building two
> > kernels (vfs/work.
On Thu, Nov 29, 2018 at 5:07 AM Ondrej Mosnacek wrote:
>
> On Wed, Nov 28, 2018 at 10:52 PM Paul Moore wrote:
> > On Tue, Nov 27, 2018 at 6:50 AM Stephen Rothwell
> > wrote:
> > > Hi Ondrej,
> > >
> > > On Tue, 27 Nov 2018 09:53:32 +0100 Ondrej Mosnacek
> > > wrote:
> > > >
> > > > Hm... seem
On Wed, Nov 28, 2018 at 10:52 PM Paul Moore wrote:
> On Tue, Nov 27, 2018 at 6:50 AM Stephen Rothwell
> wrote:
> > Hi Ondrej,
> >
> > On Tue, 27 Nov 2018 09:53:32 +0100 Ondrej Mosnacek
> > wrote:
> > >
> > > Hm... seems that there was some massive overhaul in the VFS code right
> > > at the wr
On Tue, Nov 27, 2018 at 6:50 AM Stephen Rothwell wrote:
> Hi Ondrej,
>
> On Tue, 27 Nov 2018 09:53:32 +0100 Ondrej Mosnacek
> wrote:
> >
> > Hm... seems that there was some massive overhaul in the VFS code right
> > at the wrong moment... There are new hooks for mounting now and the
>
> The moun
Hi Ondrej,
On Tue, 27 Nov 2018 09:53:32 +0100 Ondrej Mosnacek wrote:
>
> Hm... seems that there was some massive overhaul in the VFS code right
> at the wrong moment... There are new hooks for mounting now and the
The mount changes have been in linux-next since before the last
release ...
> cod
On Tue, Nov 27, 2018 at 9:53 AM Ondrej Mosnacek wrote:
> On Tue, Nov 27, 2018 at 1:52 AM Stephen Rothwell
> wrote:
> > Hi Paul,
> >
> > Today's linux-next merge of the selinux tree got a conflict in:
> >
> > security/selinux/hooks.c
> >
> > between commit:
> >
> > 0472421f47a9 ("vfs: Remove
On Tue, Nov 27, 2018 at 1:52 AM Stephen Rothwell wrote:
> Hi Paul,
>
> Today's linux-next merge of the selinux tree got a conflict in:
>
> security/selinux/hooks.c
>
> between commit:
>
> 0472421f47a9 ("vfs: Remove unused code after filesystem context changes")
>
> from the vfs tree and commit
Hi Paul,
Today's linux-next merge of the selinux tree got a conflict in:
security/selinux/hooks.c
between commit:
0472421f47a9 ("vfs: Remove unused code after filesystem context changes")
from the vfs tree and commit:
2cbdcb882f97 ("selinux: always allow mounting submounts")
from the s
22 matches
Mail list logo
