APPLIED(x/azure, e/azure)/cmt: [linux-azure][PATCH] LP:#1864669 - [linux-azure] overlayfs regression - internal getxattr operations without sepolicy checking

Khaled Elmously khalid.elmously at canonical.com
Fri Apr 3 04:35:39 UTC 2020


Applied to xenial/azure and eoan/azure.

Does this need to be in bionic/azure-4.15 or bionic/azure ?




On 2020-03-26 11:51:09 , Marcelo Henrique Cerri wrote:
> BugLink: https://bugs.launchpad.net/bugs/1864669
> 
> As bug description.
> 
> This patch was submitted to upstream as part of a bigger patchset that
> proposes to fix several individual issues. Since the patchset is
> currently stalled with no ETA to be accepted, I decided to backport
> just the necessary fix.
> 
> 4.15 required bigger changes since some of the affected pieces of code
> were missing or were different than upstream and I applied the
> equivalent changes to the corresponding area in that kernel. Besides
> that, all patches required a small change to remove XATTR_NOSECURITY
> since that was added by a previous patch on the same series.
> 
> That's a fix that potentially can be included to our master
> kernels. But since that was requested for linux-azure I believe we can
> introduce this fix first to linux-azure and to the master kernels on
> the following cycle. That way we can reduce the regression potential.
> 
> I didn't include bionic:linux-azure, which is currently based on5.0,
> to this submission because that kernel should move to 5.3 on the next
> cycle.
> 
> I've tested the affected scenario with the patched linux-azure kernel
> and the results were positive.
> 
> ---
> Mark Salyzyn (1):
>   UBUNTU: SAUCE: overlayfs: internal getxattr operations without
>     sepolicy checking
> 
>  fs/overlayfs/namei.c     | 19 ++++++++++---------
>  fs/overlayfs/overlayfs.h |  7 +++++++
>  fs/overlayfs/util.c      |  8 ++++----
>  3 files changed, 21 insertions(+), 13 deletions(-)
> 
> -- 
> 2.20.1
> 
> 
> -- 
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team



More information about the kernel-team mailing list