linux-fsdevel.vger.kernel.org archive mirror
From: Paul Moore <paul@paul-moore.com>
To: Ondrej Mosnacek <omosnace@redhat.com>
Cc: Jeff Layton <jlayton@kernel.org>,
	David Howells <dhowells@redhat.com>,
	Christian Brauner <brauner@kernel.org>,
	selinux@vger.kernel.org, linux-fsdevel@vger.kernel.org,
	Adam Williamson <awilliam@redhat.com>
Subject: Re: [PATCH] selinux: fix handling of empty opts in selinux_fs_context_submount()
Date: Tue, 12 Sep 2023 17:31:07 -0400
Message-ID: <f48a346737f99d7b82ecaf214ac2b77e.paul@paul-moore.com>
In-Reply-To: <20230911142358.883728-1-omosnace@redhat.com>

On Sep 11, 2023 Ondrej Mosnacek <omosnace@redhat.com> wrote:
> 
> selinux_set_mnt_opts() relies on the fact that the mount options pointer
> is always NULL when all options are unset (specifically in its
> !selinux_initialized() branch). However, the new
> selinux_fs_context_submount() hook breaks this rule by allocating a new
> structure even if no options are set. That causes any submount created
> before a SELinux policy is loaded to be rejected in
> selinux_set_mnt_opts().
> 
> Fix this by making selinux_fs_context_submount() leave fc->security
> set to NULL when there are no options to be copied from the reference
> superblock.
> 
> Reported-by: Adam Williamson <awilliam@redhat.com>
> Link: https://bugzilla.redhat.com/show_bug.cgi?id=2236345
> Fixes: d80a8f1b58c2 ("vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing")
> Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
> Reviewed-by: Jeff Layton <jlayton@kernel.org>
> ---
>  security/selinux/hooks.c | 10 ++++++++--
>  1 file changed, 8 insertions(+), 2 deletions(-)

Thanks Ondrej, this looks good.  I'm going to merge this into
selinux/stable-6.6 and assuming all goes well with the automated
testing (I can't imagine it would catch anything) I'll send this up
to Linus later this week.

I'm also tagging this for the stable kernels even though this patch
is only present in v6.6-rc1 because the original patch has a number
of 'Fixes:' tags which means the stable folks will probably end up
pulling it into their trees.

--
paul-moore.com
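
The NULL-pointer convention described in the quoted commit message, as an added userspace model (not part of this thread and not the kernel's code). All struct and function names are hypothetical, and a non-zero flags value stands for "some mount option is set".

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>

/* Userspace model: all names below are hypothetical, not kernel symbols. */
struct sb_model   { unsigned flags; };  /* reference superblock; 0 = no options */
struct opts_model { unsigned flags; };  /* stands in for what fc->security holds */

/* Consumer: before policy load, only a NULL pointer means "no options set". */
static int set_mnt_opts_model(bool policy_loaded, const struct opts_model *opts)
{
    if (!policy_loaded)
        return opts ? -EINVAL : 0;  /* non-NULL is rejected, NULL is accepted */
    return 0;                       /* post-policy handling is not modelled */
}

/* Before the fix: a structure is allocated even when nothing is set. */
static struct opts_model *submount_before_fix(const struct sb_model *ref)
{
    struct opts_model *o = calloc(1, sizeof(*o));
    if (!o)
        abort();                    /* keep the model simple on OOM */
    o->flags = ref->flags;
    return o;
}

/* After the fix: the pointer stays NULL when there is nothing to copy. */
static struct opts_model *submount_after_fix(const struct sb_model *ref)
{
    return ref->flags ? submount_before_fix(ref) : NULL;
}

/* Create a submount from a reference superblock and hand it to the consumer. */
static int submount_result(bool fixed, bool policy_loaded, unsigned ref_flags)
{
    struct sb_model ref = { ref_flags };
    struct opts_model *o = fixed ? submount_after_fix(&ref)
                                 : submount_before_fix(&ref);
    int rc = set_mnt_opts_model(policy_loaded, o);
    free(o);
    return rc;
}

int main(void)
{
    printf("no policy, no options, before fix: %d\n", submount_result(false, false, 0));
    printf("no policy, no options, after fix:  %d\n", submount_result(true, false, 0));
    return 0;
}
```

In the model, an allocated-but-empty structure is indistinguishable from "options were requested" on the consumer side, which is why the fix belongs in the producer.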
