On Wed, Apr 10, 2013 at 11:48:45AM -0400, Steve Dickson wrote: > > > On 10/04/13 11:09, J. Bruce Fields wrote: > > On Tue, Apr 02, 2013 at 05:45:41PM -0400, Steve Dickson wrote: > >> From: Steve Dickson <steved@xxxxxxxxxx> > >> > >> Here is the next release of the Label NFS patches > >> forward ported to linux-3.9-rc3. > >> > >> I decided to include the the v4.2 enabling patches since > >> I'm doing all my testing with both sets so at this point > >> I don't think it makes sense to separate them. Plus I'm > >> hoping they will take care of the SETATTR problem Bruce was > >> seeing since label attributes were leaking into the bitmask > >> when they were not suppose to. > > > > Still getting a failure. All you need to do is something like: > > > > git clone git://linux-nfs.org/~bfields/pynfs.git > > cd pynfs > > ./setup.py build > > ./setup.py build_ext --inplace > > ./nfs4.0/testserver.py pip1:/path/to/export/tmpdir ---maketree --rundeps SATT13 > Ok... Is this with labels enabled or not enabled? Whoops, sorry for not seeing the question before. I believe labels are turned off the kernel config. --b. > > steved. > > > > > --b. > > > >> > >> I also believe I've address all the review comments of the previous > >> release. Thank you very much for those cycles, it definitely > >> appreciated! > >> > >> The patches are on a public git tree at > >> git://fedorapeople.org/~steved/linux-steved lnfs-v3.9-rc5 > >> > >> Fedora rpms on request. I didn't think anybody was using them so I > >> stopped building them. If that is not the case, please let me know. > >> > >> David Quigley (12): > >> Security: Add hook to calculate context based on a negative dentry. > >> Security: Add Hook to test if the particular xattr is part of a MAC > >> model. > >> LSM: Add flags field to security_sb_set_mnt_opts for in kernel mount > >> data. > >> SELinux: Add new labeling type native labels > >> NFSv4: Add label recommended attribute and NFSv4 flags > >> NFSv4: Introduce new label structure > >> NFSv4: Extend fattr bitmaps to support all 3 words > >> NFS:Add labels to client function prototypes > >> NFS: Add label lifecycle management > >> NFS: Client implementation of Labeled-NFS > >> NFS: Extend NFS xattr handlers to accept the security namespace > >> NFSD: Server implementation of MAC Labeling > >> > >> Steve Dickson (7): > >> Kconfig: Add Kconfig entry for Labeled NFS V4 client > >> Kconfig: Add Kconfig entry for Labeled NFS V4 server > >> NFSv4.2: Added NFS v4.2 support to the NFS client > >> NFSv4.2: Only allocate labels on v4.2 mounts > >> NFSv4.2: Only set the label attribute on v4.2 mounts > >> NFSv4.2: Added v4.2 error codes > >> NFSDv4.2: Added NFS v4.2 support to the NFS server > >> > >> fs/nfs/Kconfig | 28 ++ > >> fs/nfs/callback.c | 1 + > >> fs/nfs/client.c | 2 +- > >> fs/nfs/dir.c | 46 ++- > >> fs/nfs/getroot.c | 2 +- > >> fs/nfs/inode.c | 133 ++++++-- > >> fs/nfs/namespace.c | 2 +- > >> fs/nfs/nfs3acl.c | 4 +- > >> fs/nfs/nfs3proc.c | 41 +-- > >> fs/nfs/nfs4_fs.h | 8 +- > >> fs/nfs/nfs4client.c | 5 + > >> fs/nfs/nfs4namespace.c | 2 +- > >> fs/nfs/nfs4proc.c | 614 ++++++++++++++++++++++++++++++++---- > >> fs/nfs/nfs4xdr.c | 188 ++++++++--- > >> fs/nfs/pnfs.c | 2 +- > >> fs/nfs/proc.c | 15 +- > >> fs/nfs/super.c | 24 +- > >> fs/nfsd/Kconfig | 16 + > >> fs/nfsd/nfs4proc.c | 41 +++ > >> fs/nfsd/nfs4xdr.c | 117 ++++++- > >> fs/nfsd/nfsd.h | 14 +- > >> fs/nfsd/nfsproc.c | 1 + > >> fs/nfsd/vfs.c | 28 ++ > >> fs/nfsd/vfs.h | 2 + > >> fs/nfsd/xdr4.h | 3 + > >> include/linux/nfs4.h | 20 ++ > >> include/linux/nfs_fs.h | 40 ++- > >> include/linux/nfs_fs_sb.h | 10 +- > >> include/linux/nfs_xdr.h | 30 +- > >> include/linux/security.h | 57 +++- > >> include/uapi/linux/nfs4.h | 2 +- > >> security/capability.c | 19 +- > >> security/security.c | 24 +- > >> security/selinux/hooks.c | 92 +++++- > >> security/selinux/include/security.h | 2 + > >> security/selinux/ss/policydb.c | 5 +- > >> security/smack/smack_lsm.c | 11 + > >> 37 files changed, 1432 insertions(+), 219 deletions(-) > >> > >> -- > >> 1.8.1.4 > >> > -- > To unsubscribe from this list: send the line "unsubscribe linux-nfs" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
