lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 17 Mar 2020 09:49:16 -0400
From:   Paul Moore <paul@...l-moore.com>
To:     Trond Myklebust <trondmy@...merspace.com>
Cc:     "sfr@...b.auug.org.au" <sfr@...b.auug.org.au>,
        "linux-next@...r.kernel.org" <linux-next@...r.kernel.org>,
        "smayhew@...hat.com" <smayhew@...hat.com>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: linux-next: manual merge of the selinux tree with the nfs tree

On Tue, Mar 17, 2020 at 9:33 AM Trond Myklebust <trondmy@...merspace.com> wrote:
> On Tue, 2020-03-17 at 13:31 +1100, Stephen Rothwell wrote:
> > Hi all,
> >
> > Today's linux-next merge of the selinux tree got a conflict in:
> >
> >   fs/nfs/getroot.c
> >
> > between commit:
> >
> >   e8213ffc2aec ("NFS: Ensure security label is set for root inode")
> >
> > from the nfs tree and commit:
> >
> >   28d4d0e16f09 ("When using NFSv4.2, the security label for the root
> > inode should be set via a call to nfs_setsecurity() during the mount
> > process, otherwise the inode will appear as unlabeled for up to
> > acdirmin seconds.  Currently the label for the root inode is
> > allocated, retrieved, and freed entirely witin
> > nfs4_proc_get_root().")
> >
> > from the selinux tree.
> >
> > These are basically the same patch with slight formatting
> > differences.
> >
> > I fixed it up (I used the latter) and can carry the fix as necessary.
> > This is now fixed as far as linux-next is concerned, but any non
> > trivial
> > conflicts should be mentioned to your upstream maintainer when your
> > tree
> > is submitted for merging.  You may also want to consider cooperating
> > with the maintainer of the conflicting tree to minimise any
> > particularly
> > complex conflicts.
> >
> OK... Why is this being pushed through the selinux tree? Was that your
> intention Scott? Given that it didn't touch anything outside NFS and
> had been acked by the Selinux folks, but had not been acked by the NFS
> maintainers, I was assuming it was waiting to be applied here.

FYI, archive link below, but the short version is that the patch fixed
a problem seen with SELinux/labeled-NFS and after not hearing anything
from the NFS folks for over a week I went ahead and merged it into the
SELinux tree.  With everything going on in the world at the moment I
didn't want this fix to get lost.  I have no problem reverting the
patch in the SELinux -next branch if you guys would prefer to push
this up to Linus via the NFS tree; I just want to make sure we get
this fixed.

https://lore.kernel.org/selinux/CAHC9VhThqgv_QzCyeVYkBASVmNg2qZGxHwcxXL7KN84kR7+XUQ@mail.gmail.com/

-- 
paul moore
www.paul-moore.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ