| 1 |
On 04/07/2013 07:01 PM, Tom Wijsman wrote: |
| 2 |
> On Sun, 07 Apr 2013 18:08:41 -0400 |
| 3 |
> "Anthony G. Basile" <blueness@g.o> wrote: |
| 4 |
> |
| 5 |
>> I can try to get the user.pax on tmpfs patch into the Linux tree. At |
| 6 |
>> the very least, we can get it into gentoo-sources. |
| 7 |
> What does this patch do? I haven't been following this discussion; |
| 8 |
> also, please CC kernel@g.o when you report this so we can track. |
| 9 |
> |
| 10 |
> On a side note, stabilization in the 3.8 branch is not far away; I am |
| 11 |
> expecting this to happen somewhere in the second half of this month. If |
| 12 |
> you want the patch to be present in the stabilized 3.8 branch kernel, it |
| 13 |
> would be nice to have the patch before then. |
| 14 |
> |
| 15 |
Currently tmpfs only supports XATTR_SECURITY and XATTR_TRUSTED |
| 16 |
namespaces. Take a look at mm/shmem.c, particularly |
| 17 |
shmem_xattr_validate() around line 2112. But we're putting XATTR_PAX |
| 18 |
markings in the user namespace, actually a subspace of it, "user.pax". |
| 19 |
Since we need to preserve XATTR_PAX flags as portage moves stuff around, |
| 20 |
we need to expand the allowed xattr namespace for tmpfs. That's what |
| 21 |
this patch does. |
| 22 |
|
| 23 |
I originally wanted in gentoo-sources, but there was concern --- I |
| 24 |
forget who. Pushing it upstream may be hard because upstream doesn't |
| 25 |
respect PaX. I can still try. |
| 26 |
|
| 27 |
-- |
| 28 |
Anthony G. Basile, Ph.D. |
| 29 |
Gentoo Linux Developer [Hardened] |
| 30 |
E-Mail : blueness@g.o |
| 31 |
GnuPG FP : 1FED FAD9 D82C 52A5 3BAB DC79 9384 FA6E F52D 4BBA |
| 32 |
GnuPG ID : F52D4BBA |
Archives