* [BUG] cannot mount subvolume with selinux context
From: Eryu Guan @ 2014-08-19 3:32 UTC (permalink / raw)
To: linux-btrfs
Hi,

Description of the problem:

mount btrfs with selinux context, then create a subvolume, the new
subvolume cannot be mounted, even with the same context.

	mkfs -t btrfs /dev/sda5
	mount -o context=system_u:object_r:nfs_t:s0 /dev/sda5 /mnt/btrfs
	btrfs subvolume create /mnt/btrfs/subvol
	mount -o subvol=subvol,context=system_u:object_r:nfs_t:s0 /dev/sda5 /mnt/test

The last mount fails, and dmesg shows:

	SELinux: mount invalid. Same superblock, different security settings for (dev sda5, type btrfs)

But in fact, the security settings are the same.

from fs/super.c

struct dentry *
mount_fs(struct file_system_type *type, int flags, const char *name, void *data)
{
	struct dentry *root;
	struct super_block *sb;
	char *secdata = NULL;
	int error = -ENOMEM;

	if (data && !(type->fs_flags & FS_BINARY_MOUNTDATA)) {
		secdata = alloc_secdata();
		if (!secdata)
			goto out;

		error = security_sb_copy_data(data, secdata);
		if (error)
			goto out_free_secdata;
	}

	root = type->mount(type, flags, name, data);

The security_sb_copy_data() takes out selinux context data to
"secdata", then mount_subvol() calls mount_fs() (via vfs_kern_mount())
again without selinux context, so mount_subvol() fails, which fails
the whole mount.

Not sure what's the proper fix. Zach suggested that the fix will
probably be to rework the vfs functions a bit as he said in rh
bugzilla[1].

Thanks,
Eryu
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1130860
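
The sequence the report describes, as a user-space C model added here (not kernel code and not part of the original message): label options are copied out of the option string in place, so a nested pass for subvol= sees none and is compared against the context already stored for the superblock. All struct and function names are hypothetical, and the kernel's comparison is reduced to a string match.

```c
#include <stdio.h>
#include <string.h>

#define OPTLEN 256
struct model_sb { int initialized; char sec[OPTLEN]; }; /* hypothetical label state */

static int is_sec_opt(const char *o)
{
	return !strncmp(o, "context=", 8) || !strncmp(o, "fscontext=", 10) ||
	       !strncmp(o, "defcontext=", 11) || !strncmp(o, "rootcontext=", 12);
}

/* Copy-out step: label options move to sec, data is edited in place. */
static void split_sec_opts(char *data, char *sec)
{
	char rest[OPTLEN] = "";
	sec[0] = '\0';
	for (const char *o = data; *o; ) {
		size_t n = strcspn(o, ",");
		char *dst = is_sec_opt(o) ? sec : rest;
		size_t used = strlen(dst);
		snprintf(dst + used, OPTLEN - used, "%s%.*s", used ? "," : "", (int)n, o);
		o += n + (o[n] == ',');
	}
	strcpy(data, rest); /* rest is a subset of data, so it fits */
}

/* One modelled pass of mount_fs(): 0 on success, -1 on a label mismatch. */
static int model_mount_fs(struct model_sb *sb, const char *opts, int nested)
{
	char data[OPTLEN], sec[OPTLEN];
	snprintf(data, sizeof(data), "%s", opts);
	split_sec_opts(data, sec);
	/* subvol= re-enters the mount path with the already stripped string */
	if (!nested && strstr(data, "subvol=") && model_mount_fs(sb, data, 1))
		return -1;
	if (sb->initialized)
		return strcmp(sb->sec, sec) ? -1 : 0; /* same sb, different settings */
	sb->initialized = 1;
	strcpy(sb->sec, sec);
	return 0;
}

int main(void)
{
	struct model_sb sb = { 0 };
	int first = model_mount_fs(&sb, "context=system_u:object_r:nfs_t:s0", 0);
	int second = model_mount_fs(&sb, "subvol=subvol,context=system_u:object_r:nfs_t:s0", 0);
	printf("first mount: %d, subvol mount: %d\n", first, second);
	return 0;
}
```

In the model, mounting again with the same context and no subvol= succeeds, and a subvol= mount on a superblock that never had a context also succeeds; only the combination from the report fails.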

* Re: [BUG] cannot mount subvolume with selinux context
From: Zach Brown @ 2014-08-19 17:28 UTC (permalink / raw)
To: Eryu Guan; +Cc: linux-btrfs
On Tue, Aug 19, 2014 at 11:32:16AM +0800, Eryu Guan wrote:
> Hi,
>
> Description of the problem:
>
> mount btrfs with selinux context, then create a subvolume, the new
> subvolume cannot be mounted, even with the same context.
>
> mkfs -t btrfs /dev/sda5
> mount -o context=system_u:object_r:nfs_t:s0 /dev/sda5 /mnt/btrfs
> btrfs subvolume create /mnt/btrfs/subvol
> mount -o subvol=subvol,context=system_u:object_r:nfs_t:s0 /dev/sda5 /mnt/test

Submit a xfstest?

> The security_sb_copy_data() takes out selinux context data to
> "secdata", then mount_subvol() calls mount_fs() (via vfs_kern_mount())
> again without selinux context, so mount_subvol() fails, which fails
> the whole mount.
>
> Not sure what's the proper fix. Zach suggested that the fix will
> probably be to rework the vfs functions a bit as he said in rh
> bugzilla[1].

Yeah, I have no idea what'd be preferred here:

- rework the vfs _kern_ mount api to offer one that doesn't mess with
  selinux mount options
- add a flag to have the second _kern_ mount ignore selinux (but not
  MS_KERNMOUNT?)
- binary data and fs selinux handling? (like nfs)

- z

* Re: [BUG] cannot mount subvolume with selinux context
From: Eryu Guan @ 2014-08-20 3:57 UTC (permalink / raw)
To: Zach Brown; +Cc: linux-btrfs
On Tue, Aug 19, 2014 at 10:28:54AM -0700, Zach Brown wrote:
> On Tue, Aug 19, 2014 at 11:32:16AM +0800, Eryu Guan wrote:
> > Hi,
> >
> > Description of the problem:
> >
> > mount btrfs with selinux context, then create a subvolume, the new
> > subvolume cannot be mounted, even with the same context.
> >
> > mkfs -t btrfs /dev/sda5
> > mount -o context=system_u:object_r:nfs_t:s0 /dev/sda5 /mnt/btrfs
> > btrfs subvolume create /mnt/btrfs/subvol
> > mount -o subvol=subvol,context=system_u:object_r:nfs_t:s0 /dev/sda5 /mnt/test
>
> Submit a xfstest?

Sure, will do.

Thanks,
Eryu

>
> > The security_sb_copy_data() takes out selinux context data to
> > "secdata", then mount_subvol() calls mount_fs() (via vfs_kern_mount())
> > again without selinux context, so mount_subvol() fails, which fails
> > the whole mount.
> >
> > Not sure what's the proper fix. Zach suggested that the fix will
> > probably be to rework the vfs functions a bit as he said in rh
> > bugzilla[1].
>
> Yeah, I have no idea what'd be preferred here:
>
> - rework the vfs _kern_ mount api to offer one that doesn't mess with
> selinux mount options
> - add a flag to have the second _kern_ mount ignore selinux (but not
> MS_KERNMOUNT?)
> - binary data and fs selinux handling? (like nfs)
>
> - z

* Re: [BUG] cannot mount subvolume with selinux context
From: Qu Wenruo @ 2014-08-21 6:48 UTC (permalink / raw)
To: Eryu Guan, Zach Brown; +Cc: linux-btrfs
-------- Original Message --------
Subject: Re: [BUG] cannot mount subvolume with selinux context
From: Eryu Guan <guaneryu@gmail.com>
To: Zach Brown <zab@zabbo.net>
Date: 2014-08-20 11:57
> On Tue, Aug 19, 2014 at 10:28:54AM -0700, Zach Brown wrote:
>> On Tue, Aug 19, 2014 at 11:32:16AM +0800, Eryu Guan wrote:
>>> Hi,
>>>
>>> Description of the problem:
>>>
>>> mount btrfs with selinux context, then create a subvolume, the new
>>> subvolume cannot be mounted, even with the same context.
>>>
>>> mkfs -t btrfs /dev/sda5
>>> mount -o context=system_u:object_r:nfs_t:s0 /dev/sda5 /mnt/btrfs
>>> btrfs subvolume create /mnt/btrfs/subvol
>>> mount -o subvol=subvol,context=system_u:object_r:nfs_t:s0 /dev/sda5 /mnt/test
>> Submit a xfstest?
> Sure, will do.
>
> Thanks,
> Eryu
>>> The security_sb_copy_data() takes out selinux context data to
>>> "secdata", then mount_subvol() calls mount_fs() (via vfs_kern_mount())
>>> again without selinux context, so mount_subvol() fails, which fails
>>> the whole mount.
>>>
>>> Not sure what's the proper fix. Zach suggested that the fix will
>>> probably be to rework the vfs functions a bit as he said in rh
>>> bugzilla[1].
>> Yeah, I have no idea what'd be preferred here:
>>
>> - rework the vfs _kern_ mount api to offer one that doesn't mess with
>> selinux mount options
>> - add a flag to have the second _kern_ mount ignore selinux (but not
>> MS_KERNMOUNT?)
>> - binary data and fs selinux handling? (like nfs)

In fact, we can just make btrfs deal with the "subvol=" mount option in a
new method.

Currently, btrfs handles "subvol=" by calling vfs_kern_mount() again and
using the vfs level mount_subtree() to do the path search thing.

But on the other hand, btrfs does not call vfs_kern_mount() when
handling the default subvolume or a "subvolid=" mount, so I think we can
do all the path search inside btrfs instead of reusing vfs level
functions, and convert the "subvol=" mount option to "subvolid=", which
should be selinux friendly now.
(And in this method mount_subvol() should be called just before
get_default_root()).

If I am wrong, please tell me.

BTW, it seems that if the mainline kernel accepts the patchset which
converts "subvolid=" to "subvol=", it will make the bug more serious. :-(
Thank goodness, the successor patch uses get_path()....

Thanks,
Qu

>>
>> - z