From: Munehisa Kamata <kamatam@amazon.com>
To: <stable@vger.kernel.org>
Cc: <casey@schaufler-ca.com>, <vishal.goel@samsung.com>,
<roberto.sassu@huawei.com>, <kamatam@amazon.com>
Subject: [PATCH for 4.19.y 0/3] Backport Smack fixes for 4.19.y
Date: Thu, 28 Sep 2023 18:51:35 -0700 [thread overview]
Message-ID: <20230929015138.835462-1-kamatam@amazon.com> (raw)
In-Reply-To: <20230929015033.835263-1-kamatam@amazon.com>
This series backports the following fixes for Smack problems with overlayfs
to 4.19.y.
2c085f3a8f23 smack: Record transmuting in smk_transmuted
3a3d8fce31a4 smack: Retrieve transmuting information in smack_inode_getsecurity()
387ef964460f Smack:- Use overlay inode label in smack_inode_copy_up()
This slightly modifies the original commits, because the commits rely on
some helper functions introduced after v4.19 by different commits that
touch more code than just Smack, require even more prerequisite commits and
also need some adjustments for 4.19.y. Instead, this series makes minor
modifications for only the overlayfs-related fixes to not use the helper
functions rather than backporting everything.
For reference, the upstream commits listed below introduced the helper
functions. Though, this is not a complete list for their dependencies.
ecd5f82e05dd LSM: Infrastructure management of the ipc security blob
019bcca4626a Smack: Abstract use of ipc security blobs
afb1cbe37440 LSM: Infrastructure management of the inode security
fb4021b6fb58 Smack: Abstract use of inode security blob
33bf60cabcc7 LSM: Infrastructure management of the file security
f28952ac9008 Smack: Abstract use of file security blob
bbd3662a8348 Infrastructure management of the cred security blob
b17103a8b8ae Smack: Abstract use of cred security blob
Roberto Sassu (2):
smack: Retrieve transmuting information in smack_inode_getsecurity()
smack: Record transmuting in smk_transmuted
Vishal Goel (1):
Smack:- Use overlay inode label in smack_inode_copy_up()
security/smack/smack.h | 1 +
security/smack/smack_lsm.c | 65 ++++++++++++++++++++++++++++----------
2 files changed, 49 insertions(+), 17 deletions(-)
--
2.34.1
next prev parent reply other threads:[~2023-09-29 1:52 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-09-29 1:50 Request to cherry-pick a few Smack fixes Munehisa Kamata
2023-09-29 1:51 ` Munehisa Kamata [this message]
2023-09-29 1:51 ` [PATCH for 4.19.y 1/3] Smack:- Use overlay inode label in smack_inode_copy_up() Munehisa Kamata
2023-09-29 1:51 ` [PATCH for 4.19.y 2/3] smack: Retrieve transmuting information in smack_inode_getsecurity() Munehisa Kamata
2023-09-29 1:51 ` [PATCH for 4.19.y 3/3] smack: Record transmuting in smk_transmuted Munehisa Kamata
2023-10-03 11:26 ` [PATCH for 4.19.y 0/3] Backport Smack fixes for 4.19.y Sasha Levin
2023-10-03 19:02 ` Munehisa Kamata
2023-10-04 10:00 ` Sasha Levin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230929015138.835462-1-kamatam@amazon.com \
--to=kamatam@amazon.com \
--cc=casey@schaufler-ca.com \
--cc=roberto.sassu@huawei.com \
--cc=stable@vger.kernel.org \
--cc=vishal.goel@samsung.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox