From: Stephen Smalley <stephen.smalley.work@gmail.com>
To: Daniel Burgener <dburgener@linux.microsoft.com>
Cc: SElinux list <selinux@vger.kernel.org>,
Ondrej Mosnacek <omosnace@redhat.com>,
Paul Moore <paul@paul-moore.com>
Subject: Re: [PATCH 0/4] Update SELinuxfs out of tree and then swapover
Date: Wed, 12 Aug 2020 14:51:48 -0400 [thread overview]
Message-ID: <CAEjxPJ7aQLCAxdQHhWiUF6jUT4Fawm8utETAJSCzuY1k7VwK0g@mail.gmail.com> (raw)
In-Reply-To: <20200812140907.1102299-1-dburgener@linux.microsoft.com>
On Wed, Aug 12, 2020 at 10:09 AM Daniel Burgener
<dburgener@linux.microsoft.com> wrote:
>
> In the current implementation, on policy load /sys/fs/selinux is updated
> by deleting the previous contents of
> /sys/fs/selinux/{class,booleans,policy_capabilities} and then recreating
> them. This means that there is a period of time when the contents of
> these directories do not exist which can cause race conditions as
> userspace relies on them for information about the policy. In addition,
> it means that error recovery in the event of failure is challenging.
I haven't looked closely yet, but note that my patches stopped
removing the policy_capabilities directory entries altogether and only
create them during initialization of the mount, because the set of
directory entries is not policy-dependent (only the values read from
them are policy-dependent, not the names themselves). It was a
mistake to ever re-create those entries in the first place. So you
only need to deal with the class and booleans directories in your
patches. Also, I would recommend cc'ing viro and linux-fsdevel on
your patch set in addition to selinux so that they can look at it from
a vfs point of view.
next prev parent reply other threads:[~2020-08-12 18:53 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-08-12 14:09 [PATCH 0/4] Update SELinuxfs out of tree and then swapover Daniel Burgener
2020-08-12 14:09 ` [PATCH 1/4] selinux: Create function for selinuxfs directory cleanup Daniel Burgener
2020-08-12 14:09 ` [PATCH 2/4] selinux: Refactor selinuxfs directory populating functions Daniel Burgener
2020-08-12 14:09 ` [PATCH 3/4] selinux: Standardize string literal usage for selinuxfs directory names Daniel Burgener
2020-08-12 14:09 ` [PATCH 4/4] selinux: Create new booleans, class and policycap dirs out of tree Daniel Burgener
2020-08-12 18:51 ` Stephen Smalley [this message]
2020-08-12 19:02 ` [PATCH 0/4] Update SELinuxfs out of tree and then swapover Daniel Burgener
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAEjxPJ7aQLCAxdQHhWiUF6jUT4Fawm8utETAJSCzuY1k7VwK0g@mail.gmail.com \
--to=stephen.smalley.work@gmail.com \
--cc=dburgener@linux.microsoft.com \
--cc=omosnace@redhat.com \
--cc=paul@paul-moore.com \
--cc=selinux@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.