leandrof/linux
1
0
Fork 0
forked from Minki/linux
Code Issues Pull Requests Packages Projects Releases Wiki Activity
27df4b4a1b
linux/security
History
Tetsuo Handa 27df4b4a1b tomoyo: Change pathname calculation for read-only filesystems. 
Commit 5625f2e326 ("TOMOYO: Change pathname for non-rename()able
filesystems.") intended to be applied to filesystems where the content is
not controllable from the userspace (e.g. proc, sysfs, securityfs), based
on an assumption that such filesystems do not support rename() operation.

But it turned out that read-only filesystems also do not support rename()
operation despite the content is controllable from the userspace, and that
commit is annoying TOMOYO users who want to use e.g. squashfs as the root
filesystem due to use of local name which does not start with '/'.

Therefore, based on an assumption that filesystems which require the
device argument upon mount() request is an indication that the content
is controllable from the userspace, do not use local name if a filesystem
does not support rename() operation but requires the device argument upon
mount() request.

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jamorris@linux.microsoft.com>
2019-05-10 14:58:30 -07:00
..
apparmor Merge branch 'work.icache' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-05-07 10:57:05 -07:00
integrity audit/stable-5.2 PR 20190507 2019-05-07 19:06:04 -07:00
keys Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2019-05-07 08:39:54 -07:00
loadpin LoadPin: Initialize as ordered LSM 2019-01-08 13:18:43 -08:00
safesetid LSM: fix return value check in safesetid_init_securityfs() 2019-02-12 10:59:22 -08:00
selinux selinux: do not report error on connect(AF_UNSPEC) 2019-05-08 09:45:38 -07:00
smack Smack: Fix kbuild reported build error 2019-04-30 14:13:32 -07:00
tomoyo tomoyo: Change pathname calculation for read-only filesystems. 2019-05-10 14:58:30 -07:00
yama Yama: mark function as static 2019-04-10 10:36:45 -07:00
commoncap.c audit/stable-5.1 PR 20190305 2019-03-07 12:20:11 -08:00
device_cgroup.c device_cgroup: fix RCU imbalance in error case 2019-03-19 10:46:15 -07:00
inode.c securityfs: switch to ->free_inode() 2019-05-01 22:43:26 -04:00
Kconfig compiler-based memory initialization 2019-05-07 12:44:49 -07:00
Kconfig.hardening security: Implement Clang's stack initialization 2019-04-24 14:00:56 -07:00
lsm_audit.c missing barriers in some of unix_sock ->addr and ->path accesses 2019-02-20 20:06:28 -08:00
Makefile LSM: add SafeSetID module that gates setid calls 2019-01-25 11:22:45 -08:00
min_addr.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
security.c Merge branch 'work.mount-syscalls' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-05-07 20:17:51 -07:00