From: Qu Wenruo <quwenruo@cn.fujitsu.com>
To: Eryu Guan <guaneryu@gmail.com>
Cc: <jbacik@fb.com>, <linux-btrfs@vger.kernel.org>
Subject: Re: [PATCH] btrfs: Make btrfs handle security mount options internally to avoid losing security label.
Date: Tue, 7 Oct 2014 09:03:42 +0800 [thread overview]
Message-ID: <54333BEE.7070308@cn.fujitsu.com> (raw)
In-Reply-To: <20141006133827.GF13950@dhcp-13-216.nay.redhat.com>
-------- Original Message --------
Subject: Re: [PATCH] btrfs: Make btrfs handle security mount options
internally to avoid losing security label.
From: Eryu Guan <guaneryu@gmail.com>
To: <quwenruo@cn.fujitsu.com>
Date: 2014年10月06日 21:38
> On Mon, Oct 06, 2014 at 09:29:25AM -0400, Josef Bacik wrote:
>> On 09/23/2014 01:40 AM, Qu Wenruo wrote:
>>> [BUG]
>>> Originally when mount btrfs with "-o subvol=" mount option, btrfs will
>>> lose all security lable.
>>> And if the btrfs fs is mounted somewhere else, due to the lost of
>>> security lable, SELinux will refuse to mount since the same super block
>>> is being mounted using different security lable.
>>>
>>> [REPRODUCER]
>>> With SELinux enabled:
>>> #mkfs -t btrfs /dev/sda5
>>> #mount -o context=system_u:object_r:nfs_t:s0 /dev/sda5 /mnt/btrfs
>>> #btrfs subvolume create /mnt/btrfs/subvol
>>> #mount -o subvol=subvol,context=system_u:object_r:nfs_t:s0 /dev/sda5
>>> /mnt/test
>>>
>>> kernel message:
>>> SELinux: mount invalid. Same superblock, different security settings
>>> for (dev sda5, type btrfs)
>>>
>>> [REASON]
>>> This happens because btrfs will call vfs_kern_mount() and then
>>> mount_subtree() to handle subvolume name lookup.
>>> First mount will cut off all the security lables and when it comes to
>>> the second vfs_kern_mount(), it has no security label now.
>>>
>>> [FIX]
>>> This patch will makes btrfs behavior much more like nfs,
>>> which has the type flag FS_BINARY_MOUNTDATA,
>>> making btrfs handles the security label internally.
>>> So security label will be set in the real mount time and won't lose
>>> label when use with "subvol=" mount option.
>>>
>> Please make this an xfstest, I'm going to change how subvols are mounted in
>> a bit and I'd like to make sure I don't break anything. Thanks,
> Hi Qu, I'll submit one xfstest, just want to make sure you don't do
> duplicated work here.
>
> Thanks,
> Eryu
Thanks a lot.
I remember you have already submitted an xfstest testcase for this.
Thanks,
Qu
prev parent reply other threads:[~2014-10-07 1:04 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-09-23 5:40 [PATCH] btrfs: Make btrfs handle security mount options internally to avoid losing security label Qu Wenruo
2014-09-23 12:49 ` Chris Mason
2014-09-23 18:51 ` Eric Sandeen
2014-09-24 0:31 ` Qu Wenruo
2014-09-24 3:33 ` Eric Sandeen
2014-09-24 3:43 ` Qu Wenruo
2014-10-06 3:02 ` Qu Wenruo
2014-10-06 13:26 ` Chris Mason
2014-10-07 1:01 ` Qu Wenruo
2014-10-06 13:29 ` Josef Bacik
2014-10-06 13:38 ` Eryu Guan
2014-10-07 1:03 ` Qu Wenruo [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=54333BEE.7070308@cn.fujitsu.com \
--to=quwenruo@cn.fujitsu.com \
--cc=guaneryu@gmail.com \
--cc=jbacik@fb.com \
--cc=linux-btrfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).