Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

zpl_inode.c: Fix SMACK interoperability #11839

Merged
merged 1 commit into from
Apr 9, 2021
Merged

zpl_inode.c: Fix SMACK interoperability #11839

merged 1 commit into from
Apr 9, 2021

Conversation

TerraTech
Copy link
Contributor

@TerraTech TerraTech commented Apr 3, 2021
edited
Loading

Motivation and Context

closes: #11646
closes: cschaufler/smack-next#1

ref: #11646 (comment)

Description

SMACK needs to have the ZFS dentry security field setup before SMACK's d_instantiate() hook
is called as it requires functioning '__vfs_getxattr()' calls to properly set the labels.

Fixes:

  1. file instantiation properly setting the object label to the subject's label
  2. proper file labelling in a transmutable directory

Functions Updated:

  1. zpl_create()
  2. zpl_mknod()
  3. zpl_mkdir()
  4. zpl_symlink()

Signed-off-by: TerraTech TerraTech@users.noreply.github.com

How Has This Been Tested?

I have been using this on production systems for over a month with no ZFS operational problems and SMACK now works properly.

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Performance enhancement (non-breaking change which improves efficiency)
  • Code cleanup (non-breaking change which makes code smaller or more readable)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Library ABI change (libzfs, libzfs_core, libnvpair, libuutil and libzfsbootenv)
  • Documentation (a change to man pages or other documentation)

Checklist:

@TerraTech TerraTech force-pushed the iss/11646/SMACK_interoperability branch from b5e40f5 to 31d7102 Compare April 3, 2021 22:48
@behlendorf behlendorf added the Status: Code Review Needed Ready for review and testing label Apr 6, 2021
@TerraTech TerraTech force-pushed the iss/11646/SMACK_interoperability branch 2 times, most recently from a57e0c6 to d3d7159 Compare April 7, 2021 05:02
@TerraTech
zpl_inode.c: Fix SMACK interoperability
a2b9173 
 closes: openzfs#11646

 ref: openzfs#11646 (comment)
 ref: cschaufler/smack-next#1

  SMACK needs to have the ZFS dentry security field setup before SMACK's
    d_instantiate() hook is called as it requires functioning
    '__vfs_getxattr()' calls to properly set the labels.

  Fixes:
  1) file instantiation properly setting the object label to the
     subject's label
  2) proper file labelling in a transmutable directory

  Functions Updated:
  1) zpl_create()
  2) zpl_mknod()
  3) zpl_mkdir()
  4) zpl_symlink()

Signed-off-by: TerraTech <TerraTech@users.noreply.github.com>
@TerraTech TerraTech force-pushed the iss/11646/SMACK_interoperability branch from d3d7159 to a2b9173 Compare April 8, 2021 05:15
@behlendorf behlendorf added Status: Accepted Ready to integrate (reviewed, tested) and removed Status: Code Review Needed Ready for review and testing labels Apr 9, 2021
@behlendorf behlendorf merged commit 161ed82 into openzfs:master Apr 9, 2021
@TerraTech TerraTech deleted the iss/11646/SMACK_interoperability branch April 9, 2021 04:43
@TerraTech TerraTech mentioned this pull request Apr 9, 2021
Closed
mcmilk pushed a commit to mcmilk/zfs that referenced this pull request Apr 10, 2021
@TerraTech @mcmilk
zpl_inode.c: Fix SMACK interoperability
609919c 
SMACK needs to have the ZFS dentry security field setup before
SMACK's d_instantiate() hook is called as it requires functioning
'__vfs_getxattr()' calls to properly set the labels.

Fxes:
1) file instantiation properly setting the object label to the
   subject's label
2) proper file labeling in a transmutable directory

Functions Updated:
1) zpl_create()
2) zpl_mknod()
3) zpl_mkdir()
4) zpl_symlink()

External-issue: cschaufler/smack-next#1
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: TerraTech <TerraTech@users.noreply.github.com>
Closes openzfs#11646 
Closes openzfs#11839
adamdmoss pushed a commit to adamdmoss/zfs that referenced this pull request Apr 10, 2021
@TerraTech @adamdmoss
zpl_inode.c: Fix SMACK interoperability
a005a00 
SMACK needs to have the ZFS dentry security field setup before
SMACK's d_instantiate() hook is called as it requires functioning
'__vfs_getxattr()' calls to properly set the labels.

Fxes:
1) file instantiation properly setting the object label to the
   subject's label
2) proper file labeling in a transmutable directory

Functions Updated:
1) zpl_create()
2) zpl_mknod()
3) zpl_mkdir()
4) zpl_symlink()

External-issue: cschaufler/smack-next#1
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: TerraTech <TerraTech@users.noreply.github.com>
Closes openzfs#11646 
Closes openzfs#11839
mcmilk pushed a commit to mcmilk/zfs that referenced this pull request Apr 10, 2021
@TerraTech @mcmilk
zpl_inode.c: Fix SMACK interoperability
6349fc8 
SMACK needs to have the ZFS dentry security field setup before
SMACK's d_instantiate() hook is called as it requires functioning
'__vfs_getxattr()' calls to properly set the labels.

Fxes:
1) file instantiation properly setting the object label to the
   subject's label
2) proper file labeling in a transmutable directory

Functions Updated:
1) zpl_create()
2) zpl_mknod()
3) zpl_mkdir()
4) zpl_symlink()

External-issue: cschaufler/smack-next#1
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: TerraTech <TerraTech@users.noreply.github.com>
Closes openzfs#11646 
Closes openzfs#11839
behlendorf pushed a commit to behlendorf/zfs that referenced this pull request Apr 14, 2021
@TerraTech @behlendorf
zpl_inode.c: Fix SMACK interoperability
30f5b2f 
SMACK needs to have the ZFS dentry security field setup before
SMACK's d_instantiate() hook is called as it requires functioning
'__vfs_getxattr()' calls to properly set the labels.

Fxes:
1) file instantiation properly setting the object label to the
   subject's label
2) proper file labeling in a transmutable directory

Functions Updated:
1) zpl_create()
2) zpl_mknod()
3) zpl_mkdir()
4) zpl_symlink()

External-issue: cschaufler/smack-next#1
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: TerraTech <TerraTech@users.noreply.github.com>
Closes openzfs#11646 
Closes openzfs#11839
sempervictus pushed a commit to sempervictus/zfs that referenced this pull request May 31, 2021
@TerraTech
zpl_inode.c: Fix SMACK interoperability
fe4f454 
SMACK needs to have the ZFS dentry security field setup before
SMACK's d_instantiate() hook is called as it requires functioning
'__vfs_getxattr()' calls to properly set the labels.

Fxes:
1) file instantiation properly setting the object label to the
   subject's label
2) proper file labeling in a transmutable directory

Functions Updated:
1) zpl_create()
2) zpl_mknod()
3) zpl_mkdir()
4) zpl_symlink()

External-issue: cschaufler/smack-next#1
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: TerraTech <TerraTech@users.noreply.github.com>
Closes openzfs#11646 
Closes openzfs#11839
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@behlendorf behlendorf behlendorf approved these changes

Assignees
No one assigned
Labels
Status: Accepted Ready to integrate (reviewed, tested)
Projects
None yet
Milestone
No milestone
2 participants
@TerraTech @behlendorf