From: David Howells <dhowells@redhat.com> To: viro@zeniv.linux.org.uk Cc: linux-kernel@vger.kernel.org, dhowells@redhat.com, linux-fsdevel@vger.kernel.org, linux-security-module@vger.kernel.org, Casey Schaufler <casey@schaufler-ca.com>, torvalds@linux-foundation.org Subject: [PATCH 08/32] smack: Implement filesystem context security hooks [ver #9] Date: Tue, 10 Jul 2018 23:42:23 +0100 [thread overview] Message-ID: <153126254346.14533.14191961720018099798.stgit@warthog.procyon.org.uk> (raw) In-Reply-To: <153126248868.14533.9751473662727327569.stgit@warthog.procyon.org.uk> Implement filesystem context security hooks for the smack LSM. Question: Should the ->fs_context_parse_source() hook be implemented to check the labels on any source devices specified? Signed-off-by: David Howells <dhowells@redhat.com> cc: Casey Schaufler <casey@schaufler-ca.com> cc: linux-security-module@vger.kernel.org --- security/smack/smack_lsm.c | 309 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 309 insertions(+) diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 7ad226018f51..39780b06469b 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -42,6 +42,7 @@ #include <linux/shm.h> #include <linux/binfmts.h> #include <linux/parser.h> +#include <linux/fs_context.h> #include "smack.h" #define TRANS_TRUE "TRUE" @@ -521,6 +522,307 @@ static int smack_syslog(int typefrom_file) return rc; } +/* + * Mount context operations + */ + +struct smack_fs_context { + union { + struct { + char *fsdefault; + char *fsfloor; + char *fshat; + char *fsroot; + char *fstransmute; + }; + char *ptrs[5]; + + }; + struct superblock_smack *sbsp; + struct inode_smack *isp; + bool transmute; +}; + +/** + * smack_fs_context_free - Free the security data from a filesystem context + * @fc: The filesystem context to be cleaned up. + */ +static void smack_fs_context_free(struct fs_context *fc) +{ + struct smack_fs_context *ctx = fc->security; + int i; + + if (ctx) { + for (i = 0; i < ARRAY_SIZE(ctx->ptrs); i++) + kfree(ctx->ptrs[i]); + kfree(ctx->isp); + kfree(ctx->sbsp); + kfree(ctx); + fc->security = NULL; + } +} + +/** + * smack_fs_context_alloc - Allocate security data for a filesystem context + * @fc: The filesystem context. + * @reference: Reference dentry (automount/reconfigure) or NULL + * + * Returns 0 on success or -ENOMEM on error. + */ +static int smack_fs_context_alloc(struct fs_context *fc, + struct dentry *reference) +{ + struct smack_fs_context *ctx; + struct superblock_smack *sbsp; + struct inode_smack *isp; + struct smack_known *skp; + + ctx = kzalloc(sizeof(struct smack_fs_context), GFP_KERNEL); + if (!ctx) + goto nomem; + fc->security = ctx; + + sbsp = kzalloc(sizeof(struct superblock_smack), GFP_KERNEL); + if (!sbsp) + goto nomem_free; + ctx->sbsp = sbsp; + + isp = new_inode_smack(NULL); + if (!isp) + goto nomem_free; + ctx->isp = isp; + + if (reference) { + if (reference->d_sb->s_security) + memcpy(sbsp, reference->d_sb->s_security, sizeof(*sbsp)); + } else if (!smack_privileged(CAP_MAC_ADMIN)) { + /* Unprivileged mounts get root and default from the caller. */ + skp = smk_of_current(); + sbsp->smk_root = skp; + sbsp->smk_default = skp; + } else { + sbsp->smk_root = &smack_known_floor; + sbsp->smk_default = &smack_known_floor; + sbsp->smk_floor = &smack_known_floor; + sbsp->smk_hat = &smack_known_hat; + /* SMK_SB_INITIALIZED will be zero from kzalloc. */ + } + + return 0; + +nomem_free: + smack_fs_context_free(fc); +nomem: + return -ENOMEM; +} + +/** + * smack_fs_context_dup - Duplicate the security data on fs_context duplication + * @fc: The new filesystem context. + * @src_fc: The source filesystem context being duplicated. + * + * Returns 0 on success or -ENOMEM on error. + */ +static int smack_fs_context_dup(struct fs_context *fc, + struct fs_context *src_fc) +{ + struct smack_fs_context *dst, *src = src_fc->security; + int i; + + dst = kzalloc(sizeof(struct smack_fs_context), GFP_KERNEL); + if (!dst) + goto nomem; + fc->security = dst; + + dst->sbsp = kmemdup(src->sbsp, sizeof(struct superblock_smack), + GFP_KERNEL); + if (!dst->sbsp) + goto nomem_free; + + for (i = 0; i < ARRAY_SIZE(dst->ptrs); i++) { + if (src->ptrs[i]) { + dst->ptrs[i] = kstrdup(src->ptrs[i], GFP_KERNEL); + if (!dst->ptrs[i]) + goto nomem_free; + } + } + + return 0; + +nomem_free: + smack_fs_context_free(fc); +nomem: + return -ENOMEM; +} + +/** + * smack_fs_context_parse_option - Parse a single mount option + * @fc: The new filesystem context being constructed. + * @opt: The option text buffer. + * @len: The length of the text. + * + * Returns 0 on success or -ENOMEM on error. + */ +static int smack_fs_context_parse_option(struct fs_context *fc, char *p, size_t len) +{ + struct smack_fs_context *ctx = fc->security; + substring_t args[MAX_OPT_ARGS]; + int rc = -ENOMEM; + int token; + + /* Unprivileged mounts don't get to specify Smack values. */ + if (!smack_privileged(CAP_MAC_ADMIN)) + return -EPERM; + + token = match_token(p, smk_mount_tokens, args); + switch (token) { + case Opt_fsdefault: + if (ctx->fsdefault) + goto error_dup; + ctx->fsdefault = match_strdup(&args[0]); + if (!ctx->fsdefault) + goto error; + break; + case Opt_fsfloor: + if (ctx->fsfloor) + goto error_dup; + ctx->fsfloor = match_strdup(&args[0]); + if (!ctx->fsfloor) + goto error; + break; + case Opt_fshat: + if (ctx->fshat) + goto error_dup; + ctx->fshat = match_strdup(&args[0]); + if (!ctx->fshat) + goto error; + break; + case Opt_fsroot: + if (ctx->fsroot) + goto error_dup; + ctx->fsroot = match_strdup(&args[0]); + if (!ctx->fsroot) + goto error; + break; + case Opt_fstransmute: + if (ctx->fstransmute) + goto error_dup; + ctx->fstransmute = match_strdup(&args[0]); + if (!ctx->fstransmute) + goto error; + break; + default: + pr_warn("Smack: unknown mount option\n"); + goto error_inval; + } + + return 0; + +error_dup: + pr_warn("Smack: duplicate mount option\n"); +error_inval: + rc = -EINVAL; +error: + return rc; +} + +/** + * smack_fs_context_validate - Validate the filesystem context security data + * @fc: The filesystem context. + * + * Returns 0 on success or -ENOMEM on error. + */ +static int smack_fs_context_validate(struct fs_context *fc) +{ + struct smack_fs_context *ctx = fc->security; + struct superblock_smack *sbsp = ctx->sbsp; + struct inode_smack *isp = ctx->isp; + struct smack_known *skp; + + if (ctx->fsdefault) { + skp = smk_import_entry(ctx->fsdefault, 0); + if (IS_ERR(skp)) + return PTR_ERR(skp); + sbsp->smk_default = skp; + } + + if (ctx->fsfloor) { + skp = smk_import_entry(ctx->fsfloor, 0); + if (IS_ERR(skp)) + return PTR_ERR(skp); + sbsp->smk_floor = skp; + } + + if (ctx->fshat) { + skp = smk_import_entry(ctx->fshat, 0); + if (IS_ERR(skp)) + return PTR_ERR(skp); + sbsp->smk_hat = skp; + } + + if (ctx->fsroot || ctx->fstransmute) { + skp = smk_import_entry(ctx->fstransmute ?: ctx->fsroot, 0); + if (IS_ERR(skp)) + return PTR_ERR(skp); + sbsp->smk_root = skp; + ctx->transmute = !!ctx->fstransmute; + } + + isp->smk_inode = sbsp->smk_root; + return 0; +} + +/** + * smack_sb_get_tree - Assign the context to a newly created superblock + * @fc: The new filesystem context. + * + * Returns 0 on success or -ENOMEM on error. + */ +static int smack_sb_get_tree(struct fs_context *fc) +{ + struct smack_fs_context *ctx = fc->security; + struct superblock_smack *sbsp = ctx->sbsp; + struct dentry *root = fc->root; + struct inode *inode = d_backing_inode(root); + struct super_block *sb = root->d_sb; + struct inode_smack *isp; + bool transmute = ctx->transmute; + + if (sb->s_security) + return 0; + + if (!smack_privileged(CAP_MAC_ADMIN)) { + /* + * For a handful of fs types with no user-controlled + * backing store it's okay to trust security labels + * in the filesystem. The rest are untrusted. + */ + if (fc->user_ns != &init_user_ns && + sb->s_magic != SYSFS_MAGIC && sb->s_magic != TMPFS_MAGIC && + sb->s_magic != RAMFS_MAGIC) { + transmute = true; + sbsp->smk_flags |= SMK_SB_UNTRUSTED; + } + } + + sbsp->smk_flags |= SMK_SB_INITIALIZED; + sb->s_security = sbsp; + ctx->sbsp = NULL; + + /* Initialize the root inode. */ + isp = inode->i_security; + if (isp == NULL) { + isp = ctx->isp; + ctx->isp = NULL; + inode->i_security = isp; + } else + isp->smk_inode = sbsp->smk_root; + + if (transmute) + isp->smk_flags |= SMK_INODE_TRANSMUTE; + + return 0; +} /* * Superblock Hooks. @@ -4647,6 +4949,13 @@ static struct security_hook_list smack_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(ptrace_traceme, smack_ptrace_traceme), LSM_HOOK_INIT(syslog, smack_syslog), + LSM_HOOK_INIT(fs_context_alloc, smack_fs_context_alloc), + LSM_HOOK_INIT(fs_context_dup, smack_fs_context_dup), + LSM_HOOK_INIT(fs_context_free, smack_fs_context_free), + LSM_HOOK_INIT(fs_context_parse_option, smack_fs_context_parse_option), + LSM_HOOK_INIT(fs_context_validate, smack_fs_context_validate), + LSM_HOOK_INIT(sb_get_tree, smack_sb_get_tree), + LSM_HOOK_INIT(sb_alloc_security, smack_sb_alloc_security), LSM_HOOK_INIT(sb_free_security, smack_sb_free_security), LSM_HOOK_INIT(sb_copy_data, smack_sb_copy_data),
WARNING: multiple messages have this Message-ID (diff)
From: dhowells@redhat.com (David Howells) To: linux-security-module@vger.kernel.org Subject: [PATCH 08/32] smack: Implement filesystem context security hooks [ver #9] Date: Tue, 10 Jul 2018 23:42:23 +0100 [thread overview] Message-ID: <153126254346.14533.14191961720018099798.stgit@warthog.procyon.org.uk> (raw) In-Reply-To: <153126248868.14533.9751473662727327569.stgit@warthog.procyon.org.uk> Implement filesystem context security hooks for the smack LSM. Question: Should the ->fs_context_parse_source() hook be implemented to check the labels on any source devices specified? Signed-off-by: David Howells <dhowells@redhat.com> cc: Casey Schaufler <casey@schaufler-ca.com> cc: linux-security-module at vger.kernel.org --- security/smack/smack_lsm.c | 309 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 309 insertions(+) diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 7ad226018f51..39780b06469b 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -42,6 +42,7 @@ #include <linux/shm.h> #include <linux/binfmts.h> #include <linux/parser.h> +#include <linux/fs_context.h> #include "smack.h" #define TRANS_TRUE "TRUE" @@ -521,6 +522,307 @@ static int smack_syslog(int typefrom_file) return rc; } +/* + * Mount context operations + */ + +struct smack_fs_context { + union { + struct { + char *fsdefault; + char *fsfloor; + char *fshat; + char *fsroot; + char *fstransmute; + }; + char *ptrs[5]; + + }; + struct superblock_smack *sbsp; + struct inode_smack *isp; + bool transmute; +}; + +/** + * smack_fs_context_free - Free the security data from a filesystem context + * @fc: The filesystem context to be cleaned up. + */ +static void smack_fs_context_free(struct fs_context *fc) +{ + struct smack_fs_context *ctx = fc->security; + int i; + + if (ctx) { + for (i = 0; i < ARRAY_SIZE(ctx->ptrs); i++) + kfree(ctx->ptrs[i]); + kfree(ctx->isp); + kfree(ctx->sbsp); + kfree(ctx); + fc->security = NULL; + } +} + +/** + * smack_fs_context_alloc - Allocate security data for a filesystem context + * @fc: The filesystem context. + * @reference: Reference dentry (automount/reconfigure) or NULL + * + * Returns 0 on success or -ENOMEM on error. + */ +static int smack_fs_context_alloc(struct fs_context *fc, + struct dentry *reference) +{ + struct smack_fs_context *ctx; + struct superblock_smack *sbsp; + struct inode_smack *isp; + struct smack_known *skp; + + ctx = kzalloc(sizeof(struct smack_fs_context), GFP_KERNEL); + if (!ctx) + goto nomem; + fc->security = ctx; + + sbsp = kzalloc(sizeof(struct superblock_smack), GFP_KERNEL); + if (!sbsp) + goto nomem_free; + ctx->sbsp = sbsp; + + isp = new_inode_smack(NULL); + if (!isp) + goto nomem_free; + ctx->isp = isp; + + if (reference) { + if (reference->d_sb->s_security) + memcpy(sbsp, reference->d_sb->s_security, sizeof(*sbsp)); + } else if (!smack_privileged(CAP_MAC_ADMIN)) { + /* Unprivileged mounts get root and default from the caller. */ + skp = smk_of_current(); + sbsp->smk_root = skp; + sbsp->smk_default = skp; + } else { + sbsp->smk_root = &smack_known_floor; + sbsp->smk_default = &smack_known_floor; + sbsp->smk_floor = &smack_known_floor; + sbsp->smk_hat = &smack_known_hat; + /* SMK_SB_INITIALIZED will be zero from kzalloc. */ + } + + return 0; + +nomem_free: + smack_fs_context_free(fc); +nomem: + return -ENOMEM; +} + +/** + * smack_fs_context_dup - Duplicate the security data on fs_context duplication + * @fc: The new filesystem context. + * @src_fc: The source filesystem context being duplicated. + * + * Returns 0 on success or -ENOMEM on error. + */ +static int smack_fs_context_dup(struct fs_context *fc, + struct fs_context *src_fc) +{ + struct smack_fs_context *dst, *src = src_fc->security; + int i; + + dst = kzalloc(sizeof(struct smack_fs_context), GFP_KERNEL); + if (!dst) + goto nomem; + fc->security = dst; + + dst->sbsp = kmemdup(src->sbsp, sizeof(struct superblock_smack), + GFP_KERNEL); + if (!dst->sbsp) + goto nomem_free; + + for (i = 0; i < ARRAY_SIZE(dst->ptrs); i++) { + if (src->ptrs[i]) { + dst->ptrs[i] = kstrdup(src->ptrs[i], GFP_KERNEL); + if (!dst->ptrs[i]) + goto nomem_free; + } + } + + return 0; + +nomem_free: + smack_fs_context_free(fc); +nomem: + return -ENOMEM; +} + +/** + * smack_fs_context_parse_option - Parse a single mount option + * @fc: The new filesystem context being constructed. + * @opt: The option text buffer. + * @len: The length of the text. + * + * Returns 0 on success or -ENOMEM on error. + */ +static int smack_fs_context_parse_option(struct fs_context *fc, char *p, size_t len) +{ + struct smack_fs_context *ctx = fc->security; + substring_t args[MAX_OPT_ARGS]; + int rc = -ENOMEM; + int token; + + /* Unprivileged mounts don't get to specify Smack values. */ + if (!smack_privileged(CAP_MAC_ADMIN)) + return -EPERM; + + token = match_token(p, smk_mount_tokens, args); + switch (token) { + case Opt_fsdefault: + if (ctx->fsdefault) + goto error_dup; + ctx->fsdefault = match_strdup(&args[0]); + if (!ctx->fsdefault) + goto error; + break; + case Opt_fsfloor: + if (ctx->fsfloor) + goto error_dup; + ctx->fsfloor = match_strdup(&args[0]); + if (!ctx->fsfloor) + goto error; + break; + case Opt_fshat: + if (ctx->fshat) + goto error_dup; + ctx->fshat = match_strdup(&args[0]); + if (!ctx->fshat) + goto error; + break; + case Opt_fsroot: + if (ctx->fsroot) + goto error_dup; + ctx->fsroot = match_strdup(&args[0]); + if (!ctx->fsroot) + goto error; + break; + case Opt_fstransmute: + if (ctx->fstransmute) + goto error_dup; + ctx->fstransmute = match_strdup(&args[0]); + if (!ctx->fstransmute) + goto error; + break; + default: + pr_warn("Smack: unknown mount option\n"); + goto error_inval; + } + + return 0; + +error_dup: + pr_warn("Smack: duplicate mount option\n"); +error_inval: + rc = -EINVAL; +error: + return rc; +} + +/** + * smack_fs_context_validate - Validate the filesystem context security data + * @fc: The filesystem context. + * + * Returns 0 on success or -ENOMEM on error. + */ +static int smack_fs_context_validate(struct fs_context *fc) +{ + struct smack_fs_context *ctx = fc->security; + struct superblock_smack *sbsp = ctx->sbsp; + struct inode_smack *isp = ctx->isp; + struct smack_known *skp; + + if (ctx->fsdefault) { + skp = smk_import_entry(ctx->fsdefault, 0); + if (IS_ERR(skp)) + return PTR_ERR(skp); + sbsp->smk_default = skp; + } + + if (ctx->fsfloor) { + skp = smk_import_entry(ctx->fsfloor, 0); + if (IS_ERR(skp)) + return PTR_ERR(skp); + sbsp->smk_floor = skp; + } + + if (ctx->fshat) { + skp = smk_import_entry(ctx->fshat, 0); + if (IS_ERR(skp)) + return PTR_ERR(skp); + sbsp->smk_hat = skp; + } + + if (ctx->fsroot || ctx->fstransmute) { + skp = smk_import_entry(ctx->fstransmute ?: ctx->fsroot, 0); + if (IS_ERR(skp)) + return PTR_ERR(skp); + sbsp->smk_root = skp; + ctx->transmute = !!ctx->fstransmute; + } + + isp->smk_inode = sbsp->smk_root; + return 0; +} + +/** + * smack_sb_get_tree - Assign the context to a newly created superblock + * @fc: The new filesystem context. + * + * Returns 0 on success or -ENOMEM on error. + */ +static int smack_sb_get_tree(struct fs_context *fc) +{ + struct smack_fs_context *ctx = fc->security; + struct superblock_smack *sbsp = ctx->sbsp; + struct dentry *root = fc->root; + struct inode *inode = d_backing_inode(root); + struct super_block *sb = root->d_sb; + struct inode_smack *isp; + bool transmute = ctx->transmute; + + if (sb->s_security) + return 0; + + if (!smack_privileged(CAP_MAC_ADMIN)) { + /* + * For a handful of fs types with no user-controlled + * backing store it's okay to trust security labels + * in the filesystem. The rest are untrusted. + */ + if (fc->user_ns != &init_user_ns && + sb->s_magic != SYSFS_MAGIC && sb->s_magic != TMPFS_MAGIC && + sb->s_magic != RAMFS_MAGIC) { + transmute = true; + sbsp->smk_flags |= SMK_SB_UNTRUSTED; + } + } + + sbsp->smk_flags |= SMK_SB_INITIALIZED; + sb->s_security = sbsp; + ctx->sbsp = NULL; + + /* Initialize the root inode. */ + isp = inode->i_security; + if (isp == NULL) { + isp = ctx->isp; + ctx->isp = NULL; + inode->i_security = isp; + } else + isp->smk_inode = sbsp->smk_root; + + if (transmute) + isp->smk_flags |= SMK_INODE_TRANSMUTE; + + return 0; +} /* * Superblock Hooks. @@ -4647,6 +4949,13 @@ static struct security_hook_list smack_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(ptrace_traceme, smack_ptrace_traceme), LSM_HOOK_INIT(syslog, smack_syslog), + LSM_HOOK_INIT(fs_context_alloc, smack_fs_context_alloc), + LSM_HOOK_INIT(fs_context_dup, smack_fs_context_dup), + LSM_HOOK_INIT(fs_context_free, smack_fs_context_free), + LSM_HOOK_INIT(fs_context_parse_option, smack_fs_context_parse_option), + LSM_HOOK_INIT(fs_context_validate, smack_fs_context_validate), + LSM_HOOK_INIT(sb_get_tree, smack_sb_get_tree), + LSM_HOOK_INIT(sb_alloc_security, smack_sb_alloc_security), LSM_HOOK_INIT(sb_free_security, smack_sb_free_security), LSM_HOOK_INIT(sb_copy_data, smack_sb_copy_data), -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo at vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2018-07-10 22:42 UTC|newest] Thread overview: 126+ messages / expand[flat|nested] mbox.gz Atom feed top 2018-07-10 22:41 [PATCH 00/32] VFS: Introduce filesystem context [ver #9] David Howells 2018-07-10 22:41 ` [PATCH 01/32] vfs: syscall: Add open_tree(2) to reference or clone a mount " David Howells 2018-07-10 22:41 ` [PATCH 02/32] vfs: syscall: Add move_mount(2) to move mounts around " David Howells 2018-07-10 22:41 ` [PATCH 03/32] teach move_mount(2) to work with OPEN_TREE_CLONE " David Howells 2018-07-10 22:41 ` [PATCH 04/32] vfs: Suppress MS_* flag defs within the kernel unless explicitly enabled " David Howells 2018-07-10 22:42 ` [PATCH 05/32] vfs: Introduce the basic header for the new mount API's filesystem context " David Howells 2018-07-10 22:42 ` [PATCH 06/32] vfs: Add LSM hooks for the new mount API " David Howells 2018-07-10 22:42 ` David Howells 2018-07-10 22:42 ` [PATCH 07/32] selinux: Implement the new mount API LSM hooks " David Howells 2018-07-10 22:42 ` David Howells 2018-07-11 14:08 ` Stephen Smalley 2018-07-11 14:08 ` Stephen Smalley 2018-07-10 22:42 ` David Howells [this message] 2018-07-10 22:42 ` [PATCH 08/32] smack: Implement filesystem context security " David Howells 2018-07-10 23:13 ` Casey Schaufler 2018-07-10 23:13 ` Casey Schaufler 2018-07-10 23:19 ` David Howells 2018-07-10 23:19 ` David Howells 2018-07-10 23:28 ` Casey Schaufler 2018-07-10 23:28 ` Casey Schaufler 2018-07-10 22:42 ` [PATCH 09/32] apparmor: Implement security hooks for the new mount API " David Howells 2018-07-10 22:42 ` David Howells 2018-07-10 22:42 ` [PATCH 10/32] tomoyo: " David Howells 2018-07-10 22:42 ` David Howells 2018-07-10 23:34 ` Tetsuo Handa 2018-07-10 23:34 ` Tetsuo Handa 2018-07-10 22:42 ` [PATCH 11/32] vfs: Require specification of size of mount data for internal mounts " David Howells 2018-07-10 22:51 ` Linus Torvalds 2018-07-10 22:42 ` [PATCH 12/32] vfs: Separate changing mount flags full remount " David Howells 2018-07-10 22:42 ` [PATCH 13/32] vfs: Implement a filesystem superblock creation/configuration context " David Howells 2018-07-10 22:43 ` [PATCH 14/32] vfs: Remove unused code after filesystem context changes " David Howells 2018-07-10 22:43 ` [PATCH 15/32] procfs: Move proc_fill_super() to fs/proc/root.c " David Howells 2018-07-10 22:43 ` [PATCH 16/32] proc: Add fs_context support to procfs " David Howells 2018-07-10 22:43 ` [PATCH 17/32] ipc: Convert mqueue fs to fs_context " David Howells 2018-07-10 22:43 ` [PATCH 18/32] cpuset: Use " David Howells 2018-07-10 22:43 ` [PATCH 19/32] kernfs, sysfs, cgroup, intel_rdt: Support " David Howells 2018-07-10 22:43 ` [PATCH 20/32] hugetlbfs: Convert to " David Howells 2018-07-10 22:43 ` [PATCH 21/32] vfs: Remove kern_mount_data() " David Howells 2018-07-10 22:43 ` [PATCH 22/32] vfs: Provide documentation for new mount API " David Howells 2018-07-13 1:37 ` Randy Dunlap 2018-07-13 9:45 ` David Howells 2018-07-10 22:44 ` [PATCH 23/32] Make anon_inodes unconditional " David Howells 2018-07-10 22:44 ` [PATCH 24/32] vfs: syscall: Add fsopen() to prepare for superblock creation " David Howells 2018-07-10 23:59 ` Andy Lutomirski 2018-07-11 1:05 ` Linus Torvalds 2018-07-11 1:15 ` Al Viro 2018-07-11 1:33 ` Andy Lutomirski 2018-07-11 1:48 ` Linus Torvalds 2018-07-11 8:43 ` David Howells 2018-07-11 1:14 ` Jann Horn 2018-07-11 1:16 ` Al Viro 2018-07-11 8:42 ` David Howells 2018-07-11 16:03 ` Linus Torvalds 2018-07-11 7:22 ` David Howells 2018-07-11 16:38 ` Eric Biggers 2018-07-11 17:06 ` Andy Lutomirski 2018-07-12 14:54 ` David Howells 2018-07-12 15:50 ` Linus Torvalds 2018-07-12 16:00 ` Al Viro 2018-07-12 16:07 ` Linus Torvalds 2018-07-12 16:31 ` Al Viro 2018-07-12 16:39 ` Linus Torvalds 2018-07-12 17:14 ` Linus Torvalds 2018-07-12 17:44 ` Al Viro 2018-07-12 17:54 ` Linus Torvalds 2018-07-12 17:52 ` Al Viro 2018-07-12 16:23 ` Andy Lutomirski 2018-07-12 16:31 ` Linus Torvalds 2018-07-12 16:41 ` Al Viro 2018-07-12 16:58 ` Al Viro 2018-07-12 17:54 ` Andy Lutomirski 2018-07-12 20:23 ` David Howells 2018-07-12 20:25 ` Andy Lutomirski 2018-07-12 20:34 ` Linus Torvalds 2018-07-12 20:36 ` Linus Torvalds 2018-07-12 21:26 ` David Howells 2018-07-12 21:40 ` Linus Torvalds 2018-07-12 22:32 ` Theodore Y. Ts'o 2018-07-12 22:54 ` David Howells 2018-07-12 23:21 ` Andy Lutomirski 2018-07-12 23:23 ` Jann Horn 2018-07-12 23:33 ` Jann Horn 2018-07-12 23:35 ` David Howells 2018-07-12 23:50 ` Andy Lutomirski 2018-07-13 0:03 ` David Howells 2018-07-13 0:03 ` David Howells 2018-07-13 0:24 ` Andy Lutomirski 2018-07-13 0:24 ` Andy Lutomirski 2018-07-13 7:30 ` David Howells 2018-07-13 7:30 ` David Howells 2018-07-19 1:30 ` Eric W. Biederman 2018-07-13 2:35 ` Theodore Y. Ts'o 2018-07-12 21:00 ` David Howells 2018-07-12 21:29 ` Linus Torvalds 2018-07-13 13:27 ` David Howells 2018-07-13 15:01 ` Andy Lutomirski 2018-07-13 15:40 ` David Howells 2018-07-13 17:14 ` Andy Lutomirski 2018-07-17 9:40 ` David Howells 2018-07-11 15:51 ` Jonathan Corbet 2018-07-11 16:18 ` David Howells 2018-07-12 17:15 ` Greg KH 2018-07-12 17:20 ` Al Viro 2018-07-12 18:03 ` Greg KH 2018-07-12 18:30 ` Andy Lutomirski 2018-07-12 18:34 ` Al Viro 2018-07-12 18:35 ` Al Viro 2018-07-12 19:08 ` Greg KH 2018-07-10 22:44 ` [PATCH 25/32] vfs: syscall: Add fsmount() to create a mount for a superblock " David Howells 2018-07-10 22:44 ` [PATCH 26/32] vfs: syscall: Add fspick() to select a superblock for reconfiguration " David Howells 2018-07-10 22:44 ` [PATCH 27/32] vfs: Implement logging through fs_context " David Howells 2018-07-10 22:44 ` [PATCH 28/32] vfs: Add some logging to the core users of the fs_context log " David Howells 2018-07-10 22:44 ` [PATCH 29/32] afs: Add fs_context support " David Howells 2018-07-10 22:44 ` [PATCH 30/32] afs: Use fs_context to pass parameters over automount " David Howells 2018-07-10 22:44 ` [PATCH 31/32] vfs: syscall: Add fsinfo() to query filesystem information " David Howells 2018-07-10 22:45 ` [PATCH 32/32] afs: Add fsinfo support " David Howells 2018-07-10 22:52 ` [MANPAGE PATCH] Add manpages for move_mount(2) and open_tree(2) David Howells 2019-10-09 9:51 ` Michael Kerrisk (man-pages) 2018-07-10 22:54 ` [MANPAGE PATCH] Add manpage for fsopen(2), fspick(2) and fsmount(2) David Howells 2019-10-09 9:52 ` Michael Kerrisk (man-pages) 2018-07-10 22:55 ` [MANPAGE PATCH] Add manpage for fsinfo(2) David Howells 2019-10-09 9:52 ` Michael Kerrisk (man-pages) 2019-10-09 12:02 ` David Howells 2018-07-10 23:01 ` [PATCH 00/32] VFS: Introduce filesystem context [ver #9] Linus Torvalds 2018-07-12 0:46 ` David Howells 2018-07-18 21:29 ` Getting rid of the usage of write() -- was " David Howells
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=153126254346.14533.14191961720018099798.stgit@warthog.procyon.org.uk \ --to=dhowells@redhat.com \ --cc=casey@schaufler-ca.com \ --cc=linux-fsdevel@vger.kernel.org \ --cc=linux-kernel@vger.kernel.org \ --cc=linux-security-module@vger.kernel.org \ --cc=torvalds@linux-foundation.org \ --cc=viro@zeniv.linux.org.uk \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.