Re: [PATCH v15 0/4] overlayfs override_creds=off & nested get xattr fix
From: Mark Salyzyn
Date: Tue Nov 05 2019 - 10:20:16 EST
On 11/4/19 11:56 PM, Amir Goldstein wrote:
On Mon, Nov 4, 2019 at 11:53 PM Mark Salyzyn <salyzyn@xxxxxxxxxxx> wrote:
Patch series:
Mark Salyzyn (4):
Add flags option to get xattr method paired to __vfs_getxattr
Sigh.. did not get to fsdevel (again...) I already told you several times
that you need to use a shorter CC list.
This is a direct result of the _required_ scripts/get_maintainer.pl
logic, I am not going to override it for first send. I was going to
forward to fsdevel after the messages settled, I am still waiting for
1/4 to land on lore before continuing.
The first patch in the series needs to get in before the others. I was
told to send the first one individually because the series has so many
recipients and stakeholders, and <crickets> because no on could see the
reason for the patch once it was all by itself. So I rejoined the set so
they could see the reason for the first patch.
If only the first patch in the series that added the flag argument got
in (somewhere), then the overlayfs portion would be much easier to handle.
overlayfs: handle XATTR_NOSECURITY flag for get xattr method
overlayfs: internal getxattr operations without sepolicy checking
overlayfs: override_creds=off option bypass creator_cred
It would be better for review IMO if you rebase your series on top of
git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs.git ovl-unpriv
Will do, send it only to fsdevel, other recipients? What do I do with
get_maintainer.pl? The first patch in the series is noisy, I am getting
more and more uncomfortable sending it to the list as it looks more and
more like spam.
1. internal getxattr patch would be a one liner change to ovl_own_getxattr()
2. The documentation of override_creds would be much more
meaningful if it used the overlay permission model terminology
that Miklos added in his patch set and extend it
Thanks,
Amir.
-- Mark