Stephen Smalley (sds@xxxxxxxxxxxxx) said: > > Can you, in the kernel, easily check to see if xattrs are supported for a > > filesystem? No. > > SELinux xattrs are _always_ supported for every filesystem by > definition, because their values are actually provided by the SELinux > module. All data must be labeled. Then the filesystem should have a getxattr() method... that's all that I'm saying here. Having filesystems that return xattrs, but, claim they don't in their own methods, is somewhat disingenious. > > > > I could theoretically patch unionfs to call the vfs method, but... ew. > > > > listxattr isn't exported as a vfs method, and even just using the vfs_get/setxattr > > methods doesn't appear to work correctly. > > Not sure what issue you are encountering with using vfs_getxattr; nfsd > uses it. Locks. Could be some other stuck locks, will investigate some more. > For listxattr, introducing a vfs_listxattr should be > straightforward and reasonable if there is a user for it; I think the > absence is just due to a lack of a user. If we're going to have the filesystem's own getxattr() methods not actually tell whether the FS returns an xattr, I think wrapping all the calls is needed... Bill -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
