kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #50851
[Bug 1295948] Re: mako kernel doesn't support xattrs in the security namespace
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: linux (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1295948
Title:
mako kernel doesn't support xattrs in the security namespace
Status in “linux” package in Ubuntu:
Confirmed
Bug description:
Attempting on a mako device to setfattr on a file with the security
namespace fails with EOPNOTSUPP:
$ sudo setfattr -h -n security.sdtest -v hello testfile
setfattr: testfile: Operation not supported
but the 'trusted' and 'user' namespaces work properly:
$ sudo setfattr -h -n user.sdtest -v hello testfile
$ sudo getfattr -h -n user.sdtest testfile
# file: testfile
user.sdtest="hello"
strace'ing the setfaddr command shows the following:
lsetxattr("testfile", "security.sdtest", "hello", 5, 0) = -1
EOPNOTSUPP (Operation not supported)
This is not the case for other kernels based off an android kernel.
e.g. it works fine on a grouper device.
$ uname -a
Linux ubuntu-phablet 3.4.0-5-mako #26-Ubuntu SMP PREEMPT Tue Feb 25 19:23:05 UTC 2014 armv7l armv7l armv7l GNU/Linux
Steps to reproduce:
$ dd if=/dev/zero of=test.img bs=4096 count=4096
4096+0 records in
4096+0 records out
16777216 bytes (17 MB) copied, 0.181383 s, 92.5 MB/s
$ mkfs.ext3 -q -F test.img
$ mkdir mountpoint
$ sudo mount -o loop,user_xattr test.img mountpoint
[sudo] password for phablet:
$ mount | grep mountpoint
/home/phablet/test.img on /home/phablet/mountpoint type ext3 (rw,relatime,errors=continue,user_xattr,barrier=1,data=writeback)
$ cd mountpoint/
$ sudo touch testfile
$ sudo setfattr -h -n security.sdtest -v hello testfile # this command fails on mako, not on grouper
setfattr: testfile: Operation not supported
$ sudo setfattr -h -n trusted.sdtest -v hello testfile
$ sudo getfattr -h -n trusted.sdtest testfile
# file: testfile
trusted.sdtest="hello"
It fails regardless of whether the filesystem is ext3 or ext4.
(There are apparmor tests that exercise this functionality, which is
how it was noticed.)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1295948/+subscriptions
References