Hey all -
The following 5 patches allow reiserfs and selinux to work together.
01-selinux-load_policy.diff
- Allows load_policy to fail and to not BUG on the second attempt.
02-selinux-private-inode.diff
- Allows "private" inodes that aren't tracked by selinux xattrs
03-reiserfs-private-in
If security_load_policy() fails on the first try, the cache is never cleaned
up. When the policy is fixed and a reload is attempted, the old cache will
still exist, causing a BUG() in kmem_cache_create().
This patch adds a destroy operation to clean up the cache on failure.
Signed-off-by: Jeff Ma
ReiserFS implements extended attributes by backing them with regular files.
This means that selinux would create an infinite series of
xattrs-on-xattrs-on-xattrs etc. However, due to the locking of xattrs, this
series never happens. Instead, a locking loop occurs.
This patch allows SElinux to mark
This patch moves the assignment of i_priv_object to a static inline. This
is in preparation for selinux support in reiserfs.
Signed-off-by: Jeff Mahoney <[EMAIL PROTECTED]>
diff -ruNpX dontdiff linux-2.6.9/fs/reiserfs/inode.c
linux-2.6.9.selinux/fs/reiserfs/inode.c
--- linux-2.6.9/fs/reiserfs/in
This patch adds the selinux private flag to inodes marked as reiserfs-private.
It also avoids the use of vfs_rmdir, since it will use the selinux permissions
check. The permission checks aren't valid in this context. Also, some of the
checks performed are superfluous for this case.
Signed-off-by:
This patch cleans up some warnings in the const qualifiers introduced by
the reiserfs/selinux patches.
Signed-off-by: Jeff Mahoney <[EMAIL PROTECTED]>
diff -ruNpX dontdiff linux-2.6.9/fs/reiserfs/xattr.c
linux-2.6.9.selinux/fs/reiserfs/xattr.c
--- linux-2.6.9/fs/reiserfs/xattr.c 2004-11-19 1
David Masover wrote:
> Pierre Etchemaïté wrote:
>
>> Le Thu, 7 Jul 2005 13:59:35 -0400, studdugie <[EMAIL PROTECTED]> a
>> écrit :
>>
>>
>>> I agree w/ Jeff 100%. I'm not a kernel hacker, simply a user. As a
>>> matter of fact, I was one of those people that Jeff aluded to when he
>>> said: "There
David Masover wrote:
> PFC wrote:
>
>>
Everyday operations are blazing. And making a complete backup
(450.000 files, 1.5G gzipped) of everything that is worth backing
up takes about
>>>
>>>
>>>
>>> 450 files?
>>>
>>> You may want to officially correct that to 450,000 before anyon
Raymond A. Meijer wrote:
> Hello,
>
> This morning I found the following warning on my Debian server holding a 253
> GB Debian archive mirror:
>
> ReiserFS: dm-8: warning: vs-4080: reiserfs_free_block: free_block
> (dm-8:46707368)[dev:blocknr]: bit already cleared
>
> If fixed it with --fix-fix
Hans Reiser wrote:
> Sounds like acls or acl bugs.
Or not, since ACLs weren't enabled on the mount.
-Jeff
--
Jeff Mahoney
SUSE Labs
One of the long-term shortcomings of reiserfs has been the lack of
extended error handling. There are many conditions where the file system
is obviously corrupted, yet writing is still allowed. This only serves
to potentially introduce even more corruption. There are other cases
where reiserfs_
Hans Reiser wrote:
Jeff Mahoney wrote:
+ reiserfs_error(s, "vs-4020", "bitmap block "
+ "%lu(%u) can't be freed or reused",
+ block, SB_BMAP_NR(s));
return 0;
}
Hans Reiser wrote:
Please instead compile a list of warnings and errors that lack names of
programmers responsible for that line of code, and ask Chris Mason which
of them are his.
I can interpolate which ones are Chris's since I generally see them
before they get submitted upstream. For the o
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jeff Mahoney wrote:
> Hans Reiser wrote:
>>> Guys, if you run the kernel under a debugger, and get it to where you
>>> see the excessive CPU usage, and then start stepping through the bitmap
>>> code, I am sure it will be very obvious what the error is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hans Reiser wrote:
> You make this way too complicated because you are trying to be way too
> perfect. If you scan 3 bitmap blocks and find nothing, stop trying to
> size match.
Agreed on the trying too hard. I think we can find a better, less
"perfe
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hans Reiser wrote:
> So the Plan 9 and Unix way would be to let the driver parse the number
> part of the name after the last slash. What I don't understand is why
> reiserfs is getting involved here, rather than recognizing the driver as
> an extensi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hans Reiser wrote:
> Jeff Mahoney wrote:
>
>> Hans Reiser wrote:
>>
>>
>> Hans, we're all in agreement that we'd prefer drivers not use names with
>> slashes in them,
>
> there is nothing wrong with using names that have slashes. The thing
> that is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hans Reiser wrote:
> Jeffrey Mahoney wrote:
>> This is not
>> the desired interpretation, which is why we need to replace the pathname
>> separator in the name. ReiserFS is the component that is choosing to use
>> the bloc
18 matches
Mail list logo
