Re: [PATCH 2/2] SELinux: display SELinux mount options in /proc/mounts

On Wed, 2008-04-02 at 16:50 +0200, Miklos Szeredi wrote:
> > On Wed, 2008-04-02 at 11:16 +0200, Miklos Szeredi wrote:
> > > Where's 1/2?  I've ported this to the tip of the vfs-2.6 tree, but
> > > can't compile it without the other half.
> > 
> > I have a question for everyone though.  How are these options used?
> > SELinux mount options can contain commas.  When sending such options
> > from userspace they are inside quotes.  Should I go ahead and quote
> > selinux options so they can be directly used back into mount commands?
> 
> Yes.
> 
> > Should I just leave them in there without quotes and let anyone who
> > tries to feed them back into mount figure it out?
> 
> Ideally copying the options out of /proc/mounts, then doing a mount
> with those options should exactly duplicate the original mount.
> 
> > I'm ignoring seq_* failures.  Which kinda scares me since it means I
> > could get half of one option and half of another and the user would not
> > realize it.  Maybe I should build a single string for each selinux
> > option and do a single seq_puts() so seq_* failure only means missing
> > options, not possibly corrupted options...
> 
> Errors from seq_* can be safely ignored, seq_file remembers that there
> was an error.

Pardon my ignorance, but can you point to where in the code this is
done?  Offhand, it seems like seq_putc and seq_puts overflow will be
ignored if the caller (in this case, Eric's code - selinux_write_opts)
doesn't propagate the error status back up the call chain, and we'll
just end up with a truncated list of options.

-- 
Stephen Smalley
National Security Agency
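
The failure mode raised in the quoted question (a partly written option once the output buffer fills) next to the suggested mitigation (one write per complete option, quoted when the value contains a comma), as an added example that is not part of this message or of the patch. `toy_seq`, `toy_puts`, `show_piecewise`, `show_atomic` and `render` are hypothetical user-space names modelling a bounded buffer, not the kernel's seq_file API, and the contexts are constructed sample values.

```c
#include <stdio.h>
#include <string.h>
/* Toy bounded writer: a user-space model, NOT the kernel's struct seq_file. */
struct toy_seq { char buf[128]; size_t size, count; int overflow; };

/* Append s only if it fits whole; after one failure every later write fails. */
static int toy_puts(struct toy_seq *m, const char *s)
{
    size_t len = strlen(s);
    if (m->overflow || m->count + len >= m->size) { m->overflow = 1; return -1; }
    memcpy(m->buf + m->count, s, len + 1);  /* copies the NUL too */
    m->count += len;
    return 0;
}

/* Piecewise: separator, name and value are separate writes. */
static void show_piecewise(struct toy_seq *m, const char *name, const char *val)
{
    toy_puts(m, ","); toy_puts(m, name); toy_puts(m, "="); toy_puts(m, val);
}

/* Atomic: build ",name=value" first (quoted if it has a comma), write once. */
static int show_atomic(struct toy_seq *m, const char *name, const char *val)
{
    char opt[128];
    const char *q = strchr(val, ',') ? "\"" : "";
    int n = snprintf(opt, sizeof(opt), ",%s=%s%s%s", name, q, val, q);
    if (n < 0 || (size_t)n >= sizeof(opt)) { m->overflow = 1; return -1; }
    return toy_puts(m, opt);
}

/* Render two constructed options into a buffer limited to `size` bytes. */
static const char *render(struct toy_seq *m, size_t size, int atomic)
{
    static const char *opts[2][2] = {       /* constructed sample values */
        { "context",   "system_u:object_r:tmp_t:s0:c1,c2" },
        { "fscontext", "system_u:object_r:fs_t:s0" } };
    *m = (struct toy_seq){ .size = size < sizeof m->buf ? size : sizeof m->buf };
    for (size_t i = 0; i < 2; i++)
        if (atomic) show_atomic(m, opts[i][0], opts[i][1]);
        else        show_piecewise(m, opts[i][0], opts[i][1]);
    return m->buf;
}

int main(void)
{
    struct toy_seq m;
    for (int a = 0; a < 2; a++) puts(render(&m, 50, a)); /* piecewise, atomic */
    return 0;
}
```

With the 50-byte limit the piecewise variant ends in a dangling `,` and leaves the comma-bearing context unquoted, while the atomic variant stops after the last complete, quoted option.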
