Re: [kernel.org bug 103071] Dead "security.*" xattr code in ubifs

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Sheng Yong <shengyong1@huawei.com>
To: "Richard Weinberger" <richard@nod.at>,
	"Andreas Grünbacher" <andreas.gruenbacher@gmail.com>
Cc: <snijsure@grid-net.com>, Artem Bityutskiy <dedekind1@gmail.com>,
	"linux-mtd@lists.infradead.org" <linux-mtd@lists.infradead.org>,
	<mkl@pengutronix.de>, <gratian.crisan@ni.com>,
	<brad.mouring@ni.com>
Subject: Re: [kernel.org bug 103071] Dead "security.*" xattr code in ubifs
Date: Wed, 19 Aug 2015 15:36:08 +0800	[thread overview]
Message-ID: <55D431E8.5040509@huawei.com> (raw)
In-Reply-To: <55D42959.5070605@nod.at>



On 8/19/2015 2:59 PM, Richard Weinberger wrote:
> Am 19.08.2015 um 03:37 schrieb Sheng Yong:
>>
>>
>> On 8/19/2015 9:07 AM, Sheng Yong wrote:
>>> Hi,
>>>
>>> On 8/19/2015 4:55 AM, Richard Weinberger wrote:
>>>> Andreas,
>>>>
>>>> On Tue, Aug 18, 2015 at 2:15 PM, Andreas Grünbacher
>>>> <andreas.gruenbacher@gmail.com> wrote:
>>>>> Hello,
>>>>>
>>>>> FYI, I've filed the following bug report against ubifs:
>>>>>
>>>>>> ubifs sets sb->s_xattr to ubifs_xattr_handlers which contains a handler for
>>>>>> "security.*" xattrs. The s_xattr handlers are never used because ubifs uses
>>>>>> its own ubifs_{get,set,list,remove}xattr inode operations instead of
>>>>>> generic_{get,set,list,remove}xattr inode operations though.
>>>>>
>>>>> https://bugzilla.kernel.org/show_bug.cgi?id=103071
>>>>
>>>> Thanks for reporting.
>> My bad for didn't reply at the right line :(
>>> This is because UBIFS did not implement extended attribute in the geneirc way
>>> (by calling generic_*xattr()). We could create an xattr_handler to have these
>>> dead functions called (in fact, I did that), but doing this seems just another
>>> encapsulation and makes no sense. So I think we could remove these dead code
>>> directly.
> 
> So, that would be a revert of commit d7f0b70d30ffb9bbe6b8a3e1035cf0b79965ef53?
I think we still need security xattr, so security stuff should be initialized
when creating inodes.
> I don't get what d7f0b70d30ffb9bbe6b8a3e1035cf0b79965ef53 was supposed to do
> as it seems to be a no-op. :-)
AFAIK, geneirc_*attr() will go though sb->s_xattr to find the xattr_handler
which matches the xattr prefix, and generic_*attr() should have been triggered
from inode_operations. However, UBIFS uses ubifs_*attr in inode_operations
instead of these generic interfaces. So `ubifs_xattr_security_handler' defined
in fs/ubifs/xattr.c is useless, so are the security_*attr() functions. These
functions will never being called, set/get/list security xattr is still done
by calling ubifs_*attr() like other xattr.

thanks,
Sheng
> 
> Thanks,
> //richard
> 
> .
>

next prev parent reply	other threads:[~2015-08-19  7:37 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-08-18 12:15 [kernel.org bug 103071] Dead "security.*" xattr code in ubifs Andreas Grünbacher
2015-08-18 20:55 ` Richard Weinberger
2015-08-19  1:07   ` Sheng Yong
2015-08-19  1:37     ` Sheng Yong
2015-08-19  6:59       ` Richard Weinberger
2015-08-19  7:36         ` Sheng Yong [this message]
2015-08-19  7:51           ` Richard Weinberger
2015-08-20  9:32             ` Andreas Grünbacher
2015-08-20  0:50   ` Dongsheng Yang
2015-08-20  1:01     ` [PATCH] fstests: link .out to correct output when we set USE_ATTR_SECURE=yes Dongsheng Yang
2015-08-20  1:01       ` Dongsheng Yang
2015-08-20  6:18       ` Andreas Grünbacher
2015-08-20 21:08         ` Dave Chinner
2015-08-20 21:17           ` Andreas Grünbacher
2015-08-21  0:36           ` Dongsheng Yang
2015-08-21  0:36             ` Dongsheng Yang
2015-08-20  6:49     ` [kernel.org bug 103071] Dead "security.*" xattr code in ubifs Richard Weinberger

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=55D431E8.5040509@huawei.com \
    --to=shengyong1@huawei.com \
    --cc=andreas.gruenbacher@gmail.com \
    --cc=brad.mouring@ni.com \
    --cc=dedekind1@gmail.com \
    --cc=gratian.crisan@ni.com \
    --cc=linux-mtd@lists.infradead.org \
    --cc=mkl@pengutronix.de \
    --cc=richard@nod.at \
    --cc=snijsure@grid-net.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.