From mboxrd@z Thu Jan 1 00:00:00 1970 From: Casey Schaufler Subject: Re: [PATCH -v2] SELinux/LSM: display SELinux mount options in /proc/mounts Date: Tue, 8 Apr 2008 08:09:18 -0700 (PDT) Message-ID: <386168.30366.qm@web36608.mail.mud.yahoo.com> References: Reply-To: casey@schaufler-ca.com Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7BIT Cc: miklos@szeredi.hu, sds@tycho.nsa.gov, jmorris@namei.org, linux-security-module@vger.kernel.org, linux-fsdevel@vger.kernel.org To: Miklos Szeredi , eparis@redhat.com Return-path: In-Reply-To: Sender: linux-security-module-owner@vger.kernel.org List-Id: linux-fsdevel.vger.kernel.org --- Miklos Szeredi wrote: > > This patch causes SELinux mount options to show up in /proc/mounts. As > > with other code in the area seq_put errors are ignored. Other LSM's > > will not have their mount options displayed until they fill in their own > > security_sb_show_options() function. > > > > Signed-off-by: Eric Paris > > Signed-off-by: Miklos Szeredi > > > > --- > > > > This patch is against a merged vfs-2.6:vfs-2.6.25 and selinux:for-akpm > > repo. It requires the a6307a583a073f85c38399c1e2c21dfe2d6a3da0 > > changeset in jame's repo to compile. I'll let you and James decide if > > we should push it through the VFS tree or the SELinux tree.... > > > > Only change from the last patch is the addition of " around mount > > options which contain a comma example: > > server:/export/ /import nfs > rw,context="system_u:object_r:httpd_sys_content_t:s0:c1,c3",vers=3,rsize=32768,wsize=32768,hard,proto=tcp,timeo=600,retrans=2,sec=sys,addr=X.X.X.X > 0 0 > > Looks good. > > Since the patch is dependent on stuff in the selinux repo, it should > go via that tree. > > Even better would be if the non-selinux part was split off into a > separate patch and gone through -mm, to let the interface changes get > extra review. I concur. Sorry that I have not been more active on reviewing this. Casey Schaufler casey@schaufler-ca.com