[Bug 1295948] [NEW] mako kernel doesn't support xattrs in the security namespace

Steve Beattie Fri, 21 Mar 2014 21:51:07 -0700

Public bug reported:

Attempting on a mako device to setfattr on a file with the security
namespace fails with EOPNOTSUPP:


  $ sudo setfattr  -h -n security.sdtest -v hello testfile
  setfattr: testfile: Operation not supported

but the 'trusted' and 'user' namespaces work properly:

  $ sudo setfattr  -h -n user.sdtest -v hello testfile
  $ sudo getfattr  -h -n user.sdtest  testfile
  # file: testfile
  user.sdtest="hello"

strace'ing the setfaddr command shows the following:

  lsetxattr("testfile", "security.sdtest", "hello", 5, 0) = -1
EOPNOTSUPP (Operation not supported)

This is not the case for other kernels based off an android kernel. e.g.
it works fine on a grouper device.

$ uname -a
Linux ubuntu-phablet 3.4.0-5-mako #26-Ubuntu SMP PREEMPT Tue Feb 25 19:23:05 
UTC 2014 armv7l armv7l armv7l GNU/Linux

Steps to reproduce:

  $ dd if=/dev/zero of=test.img bs=4096 count=4096
  4096+0 records in
  4096+0 records out
  16777216 bytes (17 MB) copied, 0.181383 s, 92.5 MB/s
  $ mkfs.ext3 -q -F test.img
  $ mkdir mountpoint
  $ sudo mount -o loop,user_xattr test.img mountpoint
  [sudo] password for phablet:
  $ mount | grep mountpoint
  /home/phablet/test.img on /home/phablet/mountpoint type ext3 
(rw,relatime,errors=continue,user_xattr,barrier=1,data=writeback)
  $ cd mountpoint/
  $ sudo touch testfile
  $ sudo setfattr  -h -n security.sdtest -v hello testfile   # this command 
fails on mako, not on grouper
  setfattr: testfile: Operation not supported
  $ sudo setfattr  -h -n trusted.sdtest -v hello testfile
  $ sudo getfattr  -h -n trusted.sdtest  testfile
  # file: testfile
  trusted.sdtest="hello"

It fails regardless of whether the filesystem is ext3 or ext4.

(There are apparmor tests that exercise this functionality, which is how
it was noticed.)

** Affects: linux (Ubuntu)
     Importance: Undecided
         Status: Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1295948

Title:
  mako kernel doesn't support xattrs in the security namespace

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1295948/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1295948] [NEW] mako kernel doesn't support xattrs in the security namespace

Reply via email to