[PATCH 00/16] Permit filesystem local caching [try #3]

2007-08-10 Thread David Howells
These patches add local caching for network filesystems such as NFS and AFS.

FS-Cache now runs fully asynchronously as required by Trond Myklebust for NFS.

--
Changes:
[try #3]:

(*) Added missing file to CacheFiles patch.

(*) Made new security functions return errors and pass actual return

Re: [PATCH 00/16] Permit filesystem local caching [try #3]

2007-08-15 Thread Casey Schaufler
--- Stephen Smalley <[EMAIL PROTECTED]> wrote:
> On Tue, 2007-08-14 at 08:53 -0700, Casey Schaufler wrote:
> > --- David Howells <[EMAIL PROTECTED]> wrote:
> >
> > > Casey Schaufler <[EMAIL PROTECTED]> wrote:
> > >
> > > > With Smack you can leave the label alone, raise CAP_MAC_OVERRIDE,
> > >

Re: [PATCH 00/16] Permit filesystem local caching [try #3]

2007-08-10 Thread Casey Schaufler
--- David Howells <[EMAIL PROTECTED]> wrote:
> These patches add local caching for network filesystems such as NFS and AFS.
>
> FS-Cache now runs fully asynchronously as required by Trond Myklebust for
> NFS.
>
> --
> Changes:
> [try #3]:
>
> (*) Added missing file to CacheFiles patch.
>
>

Re: [PATCH 00/16] Permit filesystem local caching [try #3]

2007-08-11 Thread David Howells
Casey Schaufler <[EMAIL PROTECTED]> wrote:
> How would you expect an LSM that is not SELinux to interface with
> CacheFiles?

You have to understand that I didn't know that much about the LSM interface, so I asked advice of the Red Hat security people, who, naturally, pointed me at the SELinux mai

Re: [PATCH 00/16] Permit filesystem local caching [try #3]

2007-08-11 Thread Casey Schaufler
--- David Howells <[EMAIL PROTECTED]> wrote:
> Casey Schaufler <[EMAIL PROTECTED]> wrote:
>
> > How would you expect an LSM that is not SELinux to interface with
> > CacheFiles?
>
> You have to understand that I didn't know that much about the LSM interface,
> so I asked advice of the Red Hat s

Re: [PATCH 00/16] Permit filesystem local caching [try #3]

2007-08-13 Thread David Howells
Casey Schaufler <[EMAIL PROTECTED]> wrote:
> Sigh. So it's not only SELinux specific, but RedHat specific as well.

*Blink*. How did you come to that conclusion?

> > (3) The cache driver wants to access the files in the cache, but it's
> > running in the security context of either the af

Re: [PATCH 00/16] Permit filesystem local caching [try #3]

2007-08-13 Thread Stephen Smalley
On Sat, 2007-08-11 at 08:56 -0700, Casey Schaufler wrote:
> --- David Howells <[EMAIL PROTECTED]> wrote:
>
> > Casey Schaufler <[EMAIL PROTECTED]> wrote:
> >
> > > How would you expect an LSM that is not SELinux to interface with
> > > CacheFiles?
> >
> > You have to understand that I didn't kno

Re: [PATCH 00/16] Permit filesystem local caching [try #3]

2007-08-13 Thread Casey Schaufler
--- David Howells <[EMAIL PROTECTED]> wrote:
> Casey Schaufler <[EMAIL PROTECTED]> wrote:
>
> > Sigh. So it's not only SELinux specific, but RedHat specific as well.
>
> *Blink*. How did you come to that conclusion?
>
> > > (3) The cache driver wants to access the files in the cache, but it

Re: [PATCH 00/16] Permit filesystem local caching [try #3]

2007-08-13 Thread Stephen Smalley
On Mon, 2007-08-13 at 11:54 +0100, David Howells wrote:
> Casey Schaufler <[EMAIL PROTECTED]> wrote:
>
> > Sigh. So it's not only SELinux specific, but RedHat specific as well.
>
> *Blink*. How did you come to that conclusion?
>
> > > (3) The cache driver wants to access the files in the cach

Re: [PATCH 00/16] Permit filesystem local caching [try #3]

2007-08-13 Thread David Howells
Casey Schaufler <[EMAIL PROTECTED]> wrote:
> I haven't looked into the issues at all and I bet there are plenty,
> maybe in audit and places outside of the security realm, but this
> looks like a clean approach from the LSM interface standpoint. Do
> you want the entire task or just task->security

Re: [PATCH 00/16] Permit filesystem local caching [try #3]

2007-08-13 Thread Stephen Smalley
On Mon, 2007-08-13 at 15:51 +0100, David Howells wrote:
> Casey Schaufler <[EMAIL PROTECTED]> wrote:
>
> > I haven't looked into the issues at all and I bet there are plenty,
> > maybe in audit and places outside of the security realm, but this
> > looks like a clean approach from the LSM interfac

Re: [PATCH 00/16] Permit filesystem local caching [try #3]

2007-08-13 Thread Casey Schaufler
--- Stephen Smalley <[EMAIL PROTECTED]> wrote:
> On Mon, 2007-08-13 at 11:54 +0100, David Howells wrote:
> > Casey Schaufler <[EMAIL PROTECTED]> wrote:
> >
> > > Sigh. So it's not only SELinux specific, but RedHat specific as well.
> >
> > *Blink*. How did you come to that conclusion?
> >
> >

Re: [PATCH 00/16] Permit filesystem local caching [try #3]

2007-08-13 Thread David Howells
Stephen Smalley <[EMAIL PROTECTED]> wrote:
> Seems like over-design - we don't need to support LSM stacking, and we
> don't need to support pushing/popping more than one level of context.

It will, at some point hopefully, be possible for someone to try, say, NFS exporting a cached ISO9660 mount (

Re: [PATCH 00/16] Permit filesystem local caching [try #3]

2007-08-13 Thread Casey Schaufler
--- Stephen Smalley <[EMAIL PROTECTED]> wrote:
> On Mon, 2007-08-13 at 15:51 +0100, David Howells wrote:
> ...
> > Actually, to address Stephen Smalley's requirements also, how about making
> > things a bit more complex. Have the following suite of functions:
> >
> > (1) int security_get_co

Re: [PATCH 00/16] Permit filesystem local caching [try #3]

2007-08-13 Thread Casey Schaufler
--- David Howells <[EMAIL PROTECTED]> wrote:
> Stephen Smalley <[EMAIL PROTECTED]> wrote:
>
> > Seems like over-design - we don't need to support LSM stacking, and we
> > don't need to support pushing/popping more than one level of context.
>
> It will, at some point hopefully, be possible for

Re: [PATCH 00/16] Permit filesystem local caching [try #3]

2007-08-13 Thread David Howells
Casey Schaufler <[EMAIL PROTECTED]> wrote:
> > (1) int security_get_context(void **_context);
> >
> > This allocates and gives the caller a blob that describes the current
> > context of all the LSM module states attached to the current task and
> > stores a pointer to it in *_conte

Re: [PATCH 00/16] Permit filesystem local caching [try #3]

2007-08-13 Thread Casey Schaufler
--- David Howells <[EMAIL PROTECTED]> wrote:
> Casey Schaufler <[EMAIL PROTECTED]> wrote:
>
> > > (1) int security_get_context(void **_context);
> > >
> > > This allocates and gives the caller a blob that describes the current
> > > context of all the LSM module states attached to the cur

Re: [PATCH 00/16] Permit filesystem local caching [try #3]

2007-08-13 Thread David Howells
Casey Schaufler <[EMAIL PROTECTED]> wrote:
> The specification of your push interface that the push operation
> not affect how others access the process is OK for SELinux, but
> not for any other MAC scheme that I've dealt with, and I think
> that's most of them.

Nuts. Smack, for example, uses exa

Re: [PATCH 00/16] Permit filesystem local caching [try #3]

2007-08-13 Thread Casey Schaufler
--- David Howells <[EMAIL PROTECTED]> wrote:
> Casey Schaufler <[EMAIL PROTECTED]> wrote:
>
> > The specification of your push interface that the push operation
> > not affect how others access the process is OK for SELinux, but
> > not for any other MAC scheme that I've dealt with, and I think

Re: [PATCH 00/16] Permit filesystem local caching [try #3]

2007-08-14 Thread David Howells
Casey Schaufler <[EMAIL PROTECTED]> wrote:
> With Smack you can leave the label alone, raise CAP_MAC_OVERRIDE,
> do your business of setting the label correctly, and then drop
> the capability. No new hooks required.

That sounds like a contradiction. How can you both leave it alone and set it?

Re: [PATCH 00/16] Permit filesystem local caching [try #3]

2007-08-14 Thread Casey Schaufler
--- David Howells <[EMAIL PROTECTED]> wrote:
> Casey Schaufler <[EMAIL PROTECTED]> wrote:
>
> > With Smack you can leave the label alone, raise CAP_MAC_OVERRIDE,
> > do your business of setting the label correctly, and then drop
> > the capability. No new hooks required.
>
> That sounds like a

Re: [PATCH 00/16] Permit filesystem local caching [try #3]

2007-08-14 Thread Stephen Smalley
On Tue, 2007-08-14 at 08:53 -0700, Casey Schaufler wrote:
> --- David Howells <[EMAIL PROTECTED]> wrote:
>
> > Casey Schaufler <[EMAIL PROTECTED]> wrote:
> >
> > > With Smack you can leave the label alone, raise CAP_MAC_OVERRIDE,
> > > do your business of setting the label correctly, and then dro

Re: [PATCH 00/16] Permit filesystem local caching [try #3]

2007-08-14 Thread Stephen Smalley
On Mon, 2007-08-13 at 14:44 -0700, Casey Schaufler wrote:
> --- David Howells <[EMAIL PROTECTED]> wrote:
>
> > Casey Schaufler <[EMAIL PROTECTED]> wrote:
> >
> > > The specification of your push interface that the push operation
> > > not affect how others access the process is OK for SELinux, bu

Re: [PATCH 00/16] Permit filesystem local caching [try #3]

2007-08-14 Thread David Howells
Casey Schaufler <[EMAIL PROTECTED]> wrote:
> Whoops, sorry. You leave the process label alone and explicitly
> set the file label using the xattr interfaces.

That's the wrong way to do things. There'd then be a window in which cachefilesd (the userspace daemon) could attempt to view the file whe