[bug report] btrfs mount failure with SELinux context option on kernel v6.6-rc5

[bug report] btrfs mount failure with SELinux context option on kernel v6.6-rc5

[Shinichiro Kawasaki]

Hi all,

I found fstests runs for btrfs on my test systems fail with the kernel v6.6-rc5.
Mount commands for btrfs fail with this message:

  mount: /mnt: wrong fs type, bad option, bad superblock on /dev/sdc, missing codepage or helper program, or other error.
       dmesg(1) may have more information after failed mount system call.

And kernel reported:

  BTRFS error: unrecognized mount option 'context="system_u:object_r:root_t:s0"

My test system has Fedora which enables SELinux. Fstests adds SELinux security
context of the system to the mount command option list. Mount commands with the
added option fail:

  $ sudo mount -o context=system_u:object_r:root_t:s0 /dev/sdX /mnt

With the kernel v6.6-rc4, the mount command succeeded. I bisected between rc4
and rc5 then found the trigger commit is 5f521494cc73 ("btrfs: reject unknown
mount options early"). When I revert the commit from v6.6-rc5, the mount command
succeeds.

Since the trigger is in the kernel, I guess a fix is required on the kernel side
rather than fstests or mount command. Actions for fix will be appreciated.

Re: [bug report] btrfs mount failure with SELinux context option on kernel v6.6-rc5

[Qu Wenruo]

On 2023/10/10 15:52, Shinichiro Kawasaki wrote:
> Hi all,
>
> I found fstests runs for btrfs on my test systems fail with the kernel v6.6-rc5.
> Mount commands for btrfs fail with this message:
>
>    mount: /mnt: wrong fs type, bad option, bad superblock on /dev/sdc, missing codepage or helper program, or other error.
>         dmesg(1) may have more information after failed mount system call.
>
> And kernel reported:
>
>    BTRFS error: unrecognized mount option 'context="system_u:object_r:root_t:s0"
>
> My test system has Fedora which enables SELinux. Fstests adds SELinux security
> context of the system to the mount command option list. Mount commands with the
> added option fail:
>
>    $ sudo mount -o context=system_u:object_r:root_t:s0 /dev/sdX /mnt
>
> With the kernel v6.6-rc4, the mount command succeeded. I bisected between rc4
> and rc5 then found the trigger commit is 5f521494cc73 ("btrfs: reject unknown
> mount options early"). When I revert the commit from v6.6-rc5, the mount command
> succeeds.
>
> Since the trigger is in the kernel, I guess a fix is required on the kernel side
> rather than fstests or mount command. Actions for fix will be appreciated.

OK, the problem is, the SELinux options are only handled later, in
btrfs_mount_root(), meanwhile btrfs_mount() is called earlier, thus the
SELinux options are rejected.

Unfortunately my environment doesn't utilize SELinux, thus it doesn't
get caught at all...

David, please revert the offending patch, a proper fix would be more
complex.

Thanks,
Qu

Re: [bug report] btrfs mount failure with SELinux context option on kernel v6.6-rc5

[David Sterba]

On Tue, Oct 10, 2023 at 04:11:41PM +1030, Qu Wenruo wrote:
> 
> 
> On 2023/10/10 15:52, Shinichiro Kawasaki wrote:
> > Hi all,
> >
> > I found fstests runs for btrfs on my test systems fail with the kernel v6.6-rc5.
> > Mount commands for btrfs fail with this message:
> >
> >    mount: /mnt: wrong fs type, bad option, bad superblock on /dev/sdc, missing codepage or helper program, or other error.
> >         dmesg(1) may have more information after failed mount system call.
> >
> > And kernel reported:
> >
> >    BTRFS error: unrecognized mount option 'context="system_u:object_r:root_t:s0"
> >
> > My test system has Fedora which enables SELinux. Fstests adds SELinux security
> > context of the system to the mount command option list. Mount commands with the
> > added option fail:
> >
> >    $ sudo mount -o context=system_u:object_r:root_t:s0 /dev/sdX /mnt
> >
> > With the kernel v6.6-rc4, the mount command succeeded. I bisected between rc4
> > and rc5 then found the trigger commit is 5f521494cc73 ("btrfs: reject unknown
> > mount options early"). When I revert the commit from v6.6-rc5, the mount command
> > succeeds.
> >
> > Since the trigger is in the kernel, I guess a fix is required on the kernel side
> > rather than fstests or mount command. Actions for fix will be appreciated.
> 
> OK, the problem is, the SELinux options are only handled later, in
> btrfs_mount_root(), meanwhile btrfs_mount() is called earlier, thus the
> SELinux options are rejected.
> 
> Unfortunately my environment doesn't utilize SELinux, thus it doesn't
> get caught at all...
> 
> David, please revert the offending patch, a proper fix would be more
> complex.

Revert on the way, I'll send the pull request today.

https://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux.git/commit/?h=next-fixes&id=54f67decddeb47680f08c720c94b4d4f67181442