Btrfs v0.14 Released
Kees Cook
kees at canonical.com
Thu May 1 19:51:52 UTC 2008
Hi,
On Thu, May 01, 2008 at 01:36:25PM -0600, Tim Gardner wrote:
> Chris Mason wrote:
> > On Thursday 01 May 2008, Tim Gardner wrote:
> >
> > [ btrfs oops on ubuntu ]
> >
> >>>> This is because ubuntu kernels ship with apparmor, you'll need this
> >>>> patch:
> >>>>
> >>>> If there is a #ifdef IM_A_UBUNTU_KERNEL I can use, I'll do it. Jeff
> >>>> Mahoney has a similar patch for SUSE that I've been meaning to merge,
> >>>> but I wanted to lookup some way to check for ubuntu as well.
> >>>>
> >>>> -chris
> >>>>
> >>>> diff -r e7da2489b19b file.c
> >>>> --- a/file.c Wed Apr 30 13:59:35 2008 -0400
> >>>> +++ b/file.c Thu May 01 12:25:11 2008 -0400
> >>>> @@ -852,7 +852,7 @@ static ssize_t btrfs_file_write(struct f
> >>>> goto out_nolock;
> >>>> if (count == 0)
> >>>> goto out_nolock;
> >>>> - err = remove_suid(fdentry(file));
> >>>> + err = remove_suid(&file->f_path);
> >>>> if (err)
> >>>> goto out_nolock;
> >>>> file_update_time(file);
> >> Couldn't you #ifdef based on CONFIG_SECURITY_APPARMOR ? This ought to
> >> work for Hardy. However the next development kernel (Intrepid) does not
> >> have the APPARMOR patches, so just knowing that its an UBUNTU kernel is
> >> not specific enough.
> >
> > I've been assuming the apparmor patches change remove_suid even when they are
> > not enabled in the config.
> >
> > -chris
> >
>
> Lets get Kees involved. He developed the patch set for Hardy. I would
> hope that if CONFIG_SECURITY_APPARMOR=n then the source would default to
> its normal state.
I can't claim to have developed the patches, only helping coordinate
their merging into Ubuntu. John Johansen is the real person we should
check with -- he did all the heavy lifting -- now added to discussion.
(Hi John!)
-Kees
--
Kees Cook
Ubuntu Security Team
More information about the kernel-team
mailing list