On Wed, 2008-04-02 at 11:16 +0200, Miklos Szeredi wrote: > Where's 1/2? I've ported this to the tip of the vfs-2.6 tree, but > can't compile it without the other half. I have a question for everyone though. How are these options used? SELinux mount options can contain commas. When sending such options from userspace they are inside quotes. Should I go ahead and quote selinux options so they can be directly used back into mount commands? Should I just leave them in there without quotes and let anyone who tries to feel them back into mount figure it out? I'm ignoring seq_* failures. Which kinda scares me since it means i could get half of one option and half of another and the user would not realize it. Maybe I should build a single string for each selinux option and do a single seq_puts() so seq_* failure only means missing options, not possibly corrupted options... > > Miklos > > ---- > From: Eric Paris <eparis@xxxxxxxxxx> > > This patch causes SELinux mount options to show up in /proc/mounts. As > with other code in the area seq_put errors are ignored. Other LSM's > will not have their mount options displayed until they fill in their own > security_sb_show_options() function. > > Signed-off-by: Eric Paris <eparis@xxxxxxxxxx> > Signed-off-by: Miklos Szeredi <mszeredi@xxxxxxx> > --- > fs/namespace.c | 12 ++++++---- > include/linux/security.h | 9 ++++++++ > security/dummy.c | 6 +++++ > security/security.c | 5 ++++ > security/selinux/hooks.c | 52 +++++++++++++++++++++++++++++++++++++++++++++-- > 5 files changed, 77 insertions(+), 7 deletions(-) > > Index: vfs-2.6/include/linux/security.h > =================================================================== > --- vfs-2.6.orig/include/linux/security.h 2008-03-31 14:16:24.000000000 +0200 > +++ vfs-2.6/include/linux/security.h 2008-04-02 10:59:10.000000000 +0200 
> @@ -74,6 +74,7 @@ struct xfrm_selector;
> struct xfrm_policy;
> struct xfrm_state;
> struct xfrm_user_sec_ctx;
> +struct seq_file;
>
> extern int cap_netlink_send(struct sock *sk, struct sk_buff *skb);
> extern int cap_netlink_recv(struct sk_buff *skb, int cap);
> @@ -1259,6 +1260,7 @@ struct security_operations {
> void (*sb_free_security) (struct super_block * sb);
> int (*sb_copy_data)(char *orig, char *copy);
> int (*sb_kern_mount) (struct super_block *sb, void *data);
> + int (*sb_show_options) (struct seq_file *m, struct super_block *sb);
> int (*sb_statfs) (struct dentry *dentry);
> int (*sb_mount) (char *dev_name, struct path *path,
> char *type, unsigned long flags, void *data);
> @@ -1527,6 +1529,7 @@ int security_sb_alloc(struct super_block
> void security_sb_free(struct super_block *sb);
> int security_sb_copy_data(char *orig, char *copy);
> int security_sb_kern_mount(struct super_block *sb, void *data);
> +int security_sb_show_options(struct seq_file *m, struct super_block *sb);
> int security_sb_statfs(struct dentry *dentry);
> int security_sb_mount(char *dev_name, struct path *path,
> char *type, unsigned long flags, void *data);
> @@ -1800,6 +1803,12 @@ static inline int security_sb_kern_mount
> return 0;
> }
>
> +static inline int security_sb_show_options(struct seq_file *m,
> + struct super_block *sb)
> +{
> + return 0;
> +}
> +
> static inline int security_sb_statfs (struct dentry *dentry)
> {
> return 0;
> Index: vfs-2.6/security/dummy.c
> ===================================================================
> --- vfs-2.6.orig/security/dummy.c 2008-03-31 14:16:24.000000000 +0200
> +++ vfs-2.6/security/dummy.c 2008-04-02 10:59:10.000000000 +0200
> @@ -191,6 +191,11 @@ static int dummy_sb_kern_mount (struct s
> return 0;
> }
>
> +static int dummy_sb_show_options(struct seq_file *m, struct super_block *sb)
> +{
> + return 0;
> +}
> +
> static int dummy_sb_statfs (struct dentry *dentry)
> {
> return 0;
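Review bot: The new `sb_show_options` member added in the `@@ -1259` hunk of security.h is not described in the header's hook documentation comment, which (as far as I can see of this tree) sits above `struct security_operations` and outside this hunk, whereas its neighbours `sb_copy_data` and `sb_kern_mount` each have an entry there. I would add, in the same layout as those entries: `@sb_show_options:` / `Show (on @m) the LSM's mount options for @sb, in the comma-prefixed form used by /proc/mounts.` / `Return 0 on success, negative on error.` It is also worth recording there that a non-zero return fails the whole /proc/mounts record for that mount (see the `show_vfsmnt` change in the fs/namespace.c hunk), so an LSM that simply has nothing to show for @sb must return 0 rather than an error.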
> @@ -1017,6 +1022,7 @@ void security_fixup_ops (struct security
> set_to_dummy_if_null(ops, sb_free_security);
> set_to_dummy_if_null(ops, sb_copy_data);
> set_to_dummy_if_null(ops, sb_kern_mount);
> + set_to_dummy_if_null(ops, sb_show_options);
> set_to_dummy_if_null(ops, sb_statfs);
> set_to_dummy_if_null(ops, sb_mount);
> set_to_dummy_if_null(ops, sb_check_sb);
> Index: vfs-2.6/security/security.c
> ===================================================================
> --- vfs-2.6.orig/security/security.c 2008-03-31 14:16:24.000000000 +0200
> +++ vfs-2.6/security/security.c 2008-04-02 10:59:10.000000000 +0200
> @@ -255,6 +255,11 @@ int security_sb_kern_mount(struct super_
> return security_ops->sb_kern_mount(sb, data);
> }
>
> +int security_sb_show_options(struct seq_file *m, struct super_block *sb)
> +{
> + return security_ops->sb_show_options(m, sb);
> +}
> +
> int security_sb_statfs(struct dentry *dentry)
> {
> return security_ops->sb_statfs(dentry);
> Index: vfs-2.6/security/selinux/hooks.c
> ===================================================================
> --- vfs-2.6.orig/security/selinux/hooks.c 2008-03-31 14:16:24.000000000 +0200
> +++ vfs-2.6/security/selinux/hooks.c 2008-04-02 10:59:10.000000000 +0200
> @@ -9,7 +9,8 @@
> * James Morris <jmorris@xxxxxxxxxx>
> *
> * Copyright (C) 2001,2002 Networks Associates Technology, Inc.
> - * Copyright (C) 2003 Red Hat, Inc., James Morris <jmorris@xxxxxxxxxx>
> + * Copyright (C) 2003-2008 Red Hat, Inc., James Morris <jmorris@xxxxxxxxxx>
> + * Eric Paris <eparis@xxxxxxxxxx>
> * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc.
> * <dgoeddel@xxxxxxxxxxxxx>
> * Copyright (C) 2006, 2007 Hewlett-Packard Development Company, L.P.
> @@ -19,7 +20,7 @@
> *
> * This program is free software; you can redistribute it and/or modify
> * it under the terms of the GNU General Public License version 2,
> - * as published by the Free Software Foundation.
> + * as published by the Free Software Foundation.
> */
>
> #include <linux/init.h>
> @@ -947,6 +948,52 @@ out_err:
> return rc;
> }
>
> +void selinux_write_opts(struct seq_file *m, struct security_mnt_opts *opts)
> +{
> + int i;
> + char *prefix;
> +
> + for (i = 0; i < opts->num_mnt_opts; i++) {
> + /* we need a comma before each option */
> + seq_putc(m, ',');
> +
> + switch (opts->mnt_opts_flags[i]) {
> + case CONTEXT_MNT:
> + prefix = CONTEXT_STR;
> + break;
> + case FSCONTEXT_MNT:
> + prefix = FSCONTEXT_STR;
> + break;
> + case ROOTCONTEXT_MNT:
> + prefix = ROOTCONTEXT_STR;
> + break;
> + case DEFCONTEXT_MNT:
> + prefix = DEFCONTEXT_STR;
> + break;
> + default:
> + BUG();
> + };
> + seq_puts(m, prefix);
> + seq_puts(m, opts->mnt_opts[i]);
> + }
> +}
> +
> +static int selinux_sb_show_options(struct seq_file *m, struct super_block *sb)
> +{
> + struct security_mnt_opts opts;
> + int rc;
> +
> + rc = selinux_get_mnt_opts(sb, &opts);
> + if (rc)
> + return rc;
> +
> + selinux_write_opts(m, &opts);
> +
> + security_free_mnt_opts(&opts);
> +
> + return rc;
> +}
> +
> static inline u16 inode_mode_to_security_class(umode_t mode)
> {
> switch (mode & S_IFMT) {
> @@ -5257,6 +5304,7 @@ static struct security_operations selinu
> .sb_free_security = selinux_sb_free_security,
> .sb_copy_data = selinux_sb_copy_data,
> .sb_kern_mount = selinux_sb_kern_mount,
> + .sb_show_options = selinux_sb_show_options,
> .sb_statfs = selinux_sb_statfs,
> .sb_mount = selinux_mount,
> .sb_umount = selinux_umount,
> Index: vfs-2.6/fs/namespace.c
> ===================================================================
> --- vfs-2.6.orig/fs/namespace.c 2008-03-31 14:16:24.000000000 +0200
> +++ vfs-2.6/fs/namespace.c 2008-04-02 11:03:18.000000000 +0200
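Review bot: `selinux_write_opts` in the `@@ -947` hunk writes `opts->mnt_opts[i]` into the record verbatim with `seq_puts`, while the other free-form fields of the same /proc/mounts line (device name, mount point) are escaped by `mangle()`/`seq_path` in fs/namespace.c; a context value containing a space, tab, newline or backslash would therefore shift the fields that every parser of /proc/mounts splits on, so the value should go through `seq_escape` with the same separator set. On the comma question in the cover text: since userspace already passes such values inside quotes, emitting the quotes back only when the value contains a comma keeps the output directly reusable by mount without changing the common case, as in the rewrite below. Two smaller things in the same hunk: `selinux_write_opts` has no user outside this file in the patch and should be `static`, and the `};` closing the switch is a stray empty statement. `selinux_sb_show_options` passes every error from `selinux_get_mnt_opts` straight up, and with the fs/namespace.c hunk that fails the whole record rather than just omitting the LSM options, so if that helper can fail for a superblock that merely carries no SELinux options (not visible here) that case should return 0. On the ignored `seq_*` failures: as far as I recall, seq_file discards and retries the whole record with a larger buffer when the show callback overflows it, so ignoring them does not leave a half-written option in what userspace reads, but that is worth confirming against seq_read before restructuring.
```c
static void selinux_write_opts(struct seq_file *m, struct security_mnt_opts *opts)
{
	int i;
	char *prefix;
	int has_comma;

	for (i = 0; i < opts->num_mnt_opts; i++) {
		/* … unchanged: leading comma and prefix selection by mnt_opts_flags[i] … */
		seq_puts(m, prefix);
		/* quote a value that contains ',' so the line can be fed back to mount;
		 * escape the separators /proc/mounts readers split the record on */
		has_comma = strchr(opts->mnt_opts[i], ',') != NULL;
		if (has_comma)
			seq_putc(m, '"');
		seq_escape(m, opts->mnt_opts[i], " \t\n\\\"");
		if (has_comma)
			seq_putc(m, '"');
	}
}
```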
> @@ -748,7 +748,7 @@ struct proc_fs_info {
> const char *str;
> };
>
> -static void show_sb_opts(struct seq_file *m, struct super_block *sb)
> +static int show_sb_opts(struct seq_file *m, struct super_block *sb)
> {
> static const struct proc_fs_info fs_info[] = {
> { MS_SYNCHRONOUS, ",sync" },
> @@ -762,6 +762,8 @@ static void show_sb_opts(struct seq_file
> if (sb->s_flags & fs_infop->flag)
> seq_puts(m, fs_infop->str);
> }
> +
> + return security_sb_show_options(m, sb);
> }
>
> static void show_mnt_opts(struct seq_file *m, struct vfsmount *mnt)
> @@ -804,9 +806,9 @@ static int show_vfsmnt(struct seq_file *
> seq_putc(m, ' ');
> show_type(m, mnt->mnt_sb);
> seq_puts(m, __mnt_is_readonly(mnt) ? " ro" : " rw");
> - show_sb_opts(m, mnt->mnt_sb);
> + err = show_sb_opts(m, mnt->mnt_sb);
> show_mnt_opts(m, mnt);
> - if (mnt->mnt_sb->s_op->show_options)
> + if (!err && mnt->mnt_sb->s_op->show_options)
> err = mnt->mnt_sb->s_op->show_options(m, mnt);
> seq_puts(m, " 0 0\n");
> return err;
> @@ -863,8 +865,8 @@ static int show_mountinfo(struct seq_fil
> seq_putc(m, ' ');
> mangle(m, mnt->mnt_devname ? mnt->mnt_devname : "none");
> seq_puts(m, sb->s_flags & MS_RDONLY ? " ro" : " rw");
> - show_sb_opts(m, sb);
> - if (sb->s_op->show_options)
> + err = show_sb_opts(m, sb);
> + if (!err && sb->s_op->show_options)
> err = sb->s_op->show_options(m, mnt);
> seq_putc(m, '\n');
> return err;
-- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
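Review bot: `show_sb_opts` in the `@@ -748` hunk now returns a value but nothing says what it means: the `seq_puts` results in its own loop are still ignored and only the LSM hook's status is passed up, which then decides in `show_vfsmnt` and `show_mountinfo` whether the filesystem's own `show_options` runs at all. A one-line comment above the definition would make that contract explicit: `/* Returns the LSM hook's status; seq_* failures are ignored here as before. */`. Both callers keep writing the rest of the record (`show_mnt_opts`, the trailing `" 0 0\n"` or `'\n'`) after an error, which is only harmless if seq_file drops the record on a non-zero show status, as I believe it does; worth a short comment at the first `err = show_sb_opts(...)` so the next reader does not take the partial line for a bug. `show_vfsmnt` and `show_mountinfo` both begin outside the hunk.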