Amir Goldstein 4dfce60487 ovl: skip getxattr of security labels
[ Upstream commit 03fedf9359 ]

When inode has no listxattr op of its own (e.g. squashfs) vfs_listxattr
calls the LSM inode_listsecurity hooks to list the xattrs that LSMs will
intercept in inode_getxattr hooks.

When selinux LSM is installed but not initialized, it will list the
security.selinux xattr in inode_listsecurity, but will not intercept it
in inode_getxattr.  This results in -ENODATA for a getxattr call for an
xattr returned by listxattr.

This situation was manifested as overlayfs failure to copy up lower
files from squashfs when selinux is built-in but not initialized,
because ovl_copy_xattr() iterates the lower inode xattrs by
vfs_listxattr() and vfs_getxattr().

ovl_copy_xattr() skips copy up of security labels that are identified by
inode_copy_up_xattr LSM hooks, but it does that after vfs_getxattr().
Since we are not going to copy them, skip vfs_getxattr() of the security
labels.

Reported-by: Michael Labriola <michael.d.labriola@gmail.com>
Tested-by: Michael Labriola <michael.d.labriola@gmail.com>
Link: https://lore.kernel.org/linux-unionfs/2nv9d47zt7.fsf@aldarion.sourceruckus.org/
Signed-off-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2021-02-23 14:00:31 +01:00
Documentation USB: UAS: introduce a quirk to set no_write_same 2020-12-29 13:46:46 +01:00
arch arm64: dts: rockchip: Fix PCIe DT properties on rk3399 2021-02-23 14:00:31 +01:00
block block: fix use-after-free in disk_part_iter_next 2021-01-17 13:59:01 +01:00
certs Replace magic for trusting the secondary keyring with #define 2018-09-09 19:55:54 +02:00
crypto crypto: ecdh - avoid buffer overflow in ecdh_set_secret() 2021-01-12 20:09:09 +01:00
drivers platform/x86: hp-wmi: Disable tablet-mode reporting by default 2021-02-23 14:00:31 +01:00
firmware Fix built-in early-load Intel microcode alignment 2020-01-23 08:20:30 +01:00
fs ovl: skip getxattr of security labels 2021-02-23 14:00:31 +01:00
include arm/xen: Don't probe xenbus as part of an early initcall 2021-02-23 14:00:31 +01:00
init printk: reduce LOG_BUF_SHIFT range for H8300 2020-11-05 11:06:55 +01:00
ipc ipc/util.c: sysvipc_find_ipc() incorrectly updates position index 2020-05-20 08:17:07 +02:00
kernel tracing: Check length before giving out the filter buffer 2021-02-23 14:00:31 +01:00
lib lib/string: Add strscpy_pad() function 2021-02-23 14:00:30 +01:00
mm memcg: fix a crash in wb_workfn when a device disappears 2021-02-23 14:00:30 +01:00
net SUNRPC: Handle 0 length opaque XDR object data properly 2021-02-23 14:00:30 +01:00
samples samples: bpf: Fix lwt_len_hist reusing previous BPF map 2020-12-29 13:46:56 +01:00
scripts depmod: handle the case of /sbin/depmod without /sbin in PATH 2021-01-12 20:09:06 +01:00
security cap: fix conversions on getxattr 2021-02-23 14:00:31 +01:00
sound ASoC: Intel: haswell: Add missing pm_ops 2021-01-30 13:31:12 +01:00
tools objtool: Support Clang non-section symbols in ORC generation 2021-02-10 09:12:08 +01:00
usr initramfs: restore default compression behavior 2020-04-13 10:34:19 +02:00
virt KVM: fix overflow of zero page refcount with ksm running 2020-10-01 13:12:33 +02:00
.cocciconfig
.get_maintainer.ignore
.gitattributes .gitattributes: set git diff driver for C source code files 2016-10-07 18:46:30 -07:00
.gitignore kbuild: rpm-pkg: keep spec file until make mrproper 2018-02-13 10:19:46 +01:00
.mailmap .mailmap: Add Maciej W. Rozycki's Imagination e-mail address 2017-11-10 12:16:15 -08:00
COPYING
CREDITS MAINTAINERS: update TPM driver infrastructure changes 2017-11-09 17:58:40 -08:00
Kbuild License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
Kconfig License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
MAINTAINERS MAINTAINERS: Update drm/i915 bug filing URL 2020-02-28 16:36:12 +01:00
Makefile Linux 4.14.221 2021-02-10 09:12:10 +01:00
README README: add a new README file, pointing to the Documentation/ 2016-10-24 08:12:35 -02:00

README

Linux kernel
============

This file was moved to Documentation/admin-guide/README.rst

Please notice that there are several guides for kernel developers and users.
These guides can be rendered in a number of formats, like HTML and PDF.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.
See Documentation/00-INDEX for a list of what is contained in each file.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.