[linux-azure][PATCH] LP:#1864669 - [linux-azure] overlayfs regression - internal getxattr operations without sepolicy checking

Marcelo Henrique Cerri marcelo.cerri at canonical.com
Thu Mar 26 14:51:09 UTC 2020

BugLink: https://bugs.launchpad.net/bugs/1864669

As bug description.

This patch was submitted to upstream as part of a bigger patchset that
proposes to fix several individual issues. Since the patchset is
currently stalled with no ETA to be accepted, I decided to backport
just the necessary fix.

4.15 required bigger changes since some of the affected pieces of code
were missing or were different than upstream and I applied the
equivalent changes to the corresponding area in that kernel. Besides
that, all patches required a small change to remove XATTR_NOSECURITY
since that was added by a previous patch on the same series.

That's a fix that potentially can be included in our master
kernels. But since that was requested for linux-azure I believe we can
introduce this fix first to linux-azure and to the master kernels on
the following cycle. That way we can reduce the regression potential.

I didn't include bionic:linux-azure, which is currently based on 5.0,
in this submission because that kernel should move to 5.3 on the next

I've tested the affected scenario with the patched linux-azure kernel
and the results were positive.

Mark Salyzyn (1):
  UBUNTU: SAUCE: overlayfs: internal getxattr operations without
    sepolicy checking

 fs/overlayfs/namei.c     | 19 ++++++++++---------
 fs/overlayfs/overlayfs.h |  7 +++++++
 fs/overlayfs/util.c      |  8 ++++----
 3 files changed, 21 insertions(+), 13 deletions(-)

