On Mon, Aug 11, 2008 at 7:00 AM, Russell Coker <russell@xxxxxxxxxxxx> wrote:
> runcon -l s0:`/tmp/test.pl 630`-s0:`/tmp/test.pl 1023` id
>
> The above command fails with error "File too large". It seems that for full
> support of ranges with the pessimal combination of categories we could have
> no more than about 700 categories.
>
> open("/selinux/context", O_RDWR) = 3
> write(3, "unconfined_u:unconfined_r:unconfi"..., 4088) = -1 EFBIG (File too
> large)
>
> Above are the relevant lines from strace output. I'm running Debian kernel
> 2.6.18. I expect that a single page is used by the kernel to store the data
> written to /selinux/context.
It looks be be slightly smaller than 1 page::
fs/libfs.c::simple_transaction_get()
does:
ar = (struct simple_transaction_argresp *)get_zeroed_page(GFP_KERNEL);
where the simple_transaction_argresp is:
struct simple_transaction_argresp {
ssize_t size;
char data[0];
};
So its really one page - sizeof(ssize_t) nothing to break here :)
If anyone comes up with a need for this in reality would could
probably make it bigger, but for now, I think this code is good....
-Eric
>
> Below is the contents of /tmp/test.pl.
>
> #!/usr/bin/perl
>
> for($i=1; $i < $ARGV[0]; $i +=2)
> {
> print "c$i,";
> }
> print "c1023\n";
>
>
> NB I don't have any good reason for wanting to do this. I just wondered if I
> could break anything.
>
> --
> russell@xxxxxxxxxxxx
> http://etbe.coker.com.au/ My Blog
>
> http://www.coker.com.au/sponsorship.html Sponsoring Free Software development
>
> --
> This message was distributed to subscribers of the selinux mailing list.
> If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
> the words "unsubscribe selinux" without quotes as the message.
>
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
