Displaying 20 results from an estimated 1949 matches for "xattr".
Did you mean:
attr
2023 Mar 14
7
[PATCH v8 0/6] evm: Do HMAC of multiple per LSM xattrs for new inodes
...le LSMs side by side
without interfering with each other. The ultimate decision will depend on
individual LSM decision.
Several changes need to be made to the LSM infrastructure to be able to
support that. This patch set tackles one of them: gives to each LSM the
ability to specify one or multiple xattrs to be set at inode creation
time and, at the same time, gives to EVM the ability to access all those
xattrs and calculate the HMAC on them.
The first problem that this patch set addresses is to make the
inode_init_security hook definition suitable to use with EVM which, unlike
other LSMs, needs t...
2022 Dec 01
8
[PATCH v7 0/6] evm: Do HMAC of multiple per LSM xattrs for new inodes
...le LSMs side by side
without interfering with each other. The ultimate decision will depend on
individual LSM decision.
Several changes need to be made to the LSM infrastructure to be able to
support that. This patch set tackles one of them: gives to each LSM the
ability to specify one or multiple xattrs to be set at inode creation
time and, at the same time, gives to EVM the ability to access all those
xattrs and calculate the HMAC on them.
The first problem that this patch set addresses is to make the
inode_init_security hook definition suitable to use with EVM which, unlike
other LSMs, needs t...
2023 Mar 24
1
[PATCH v8 4/6] security: Allow all LSMs to provide xattrs for inode_init_security hook
...t 4:19?AM Roberto Sassu
> > > <roberto.sassu at huaweicloud.com> wrote:
> > > > From: Roberto Sassu <roberto.sassu at huawei.com>
> > > >
> > > > Currently, security_inode_init_security() supports only one LSM providing
> > > > an xattr and EVM calculating the HMAC on that xattr, plus other inode
> > > > metadata.
> > > >
> > > > Allow all LSMs to provide one or multiple xattrs, by extending the security
> > > > blob reservation mechanism. Introduce the new lbs_xattr field of the
>...
2023 Mar 24
1
[PATCH v8 4/6] security: Allow all LSMs to provide xattrs for inode_init_security hook
...t; On Tue, Mar 14, 2023 at 4:19?AM Roberto Sassu
> > <roberto.sassu at huaweicloud.com> wrote:
> > > From: Roberto Sassu <roberto.sassu at huawei.com>
> > >
> > > Currently, security_inode_init_security() supports only one LSM providing
> > > an xattr and EVM calculating the HMAC on that xattr, plus other inode
> > > metadata.
> > >
> > > Allow all LSMs to provide one or multiple xattrs, by extending the security
> > > blob reservation mechanism. Introduce the new lbs_xattr field of the
> > > lsm_blob...
2023 Mar 27
1
[PATCH v8 4/6] security: Allow all LSMs to provide xattrs for inode_init_security hook
...t; > > > <roberto.sassu at huaweicloud.com> wrote:
> > > > > From: Roberto Sassu <roberto.sassu at huawei.com>
> > > > >
> > > > > Currently, security_inode_init_security() supports only one LSM providing
> > > > > an xattr and EVM calculating the HMAC on that xattr, plus other inode
> > > > > metadata.
> > > > >
> > > > > Allow all LSMs to provide one or multiple xattrs, by extending the security
> > > > > blob reservation mechanism. Introduce the new lbs_x...
2023 Jan 10
3
[PATCH v7 2/6] ocfs2: Switch to security_inode_init_security()
On Thu, 2022-12-01 at 11:41 +0100, Roberto Sassu wrote:
> From: Roberto Sassu <roberto.sassu at huawei.com>
>
> In preparation for removing security_old_inode_init_security(), switch to
> security_inode_init_security().
>
> Extend the existing ocfs2_initxattrs() to take the
> ocfs2_security_xattr_info structure from fs_info, and populate the
> name/value/len triple with the first xattr provided by LSMs.
Hi Mark, Joel, Joseph
some time ago I sent this patch set to switch to the newer
function security_inode_init_security(). Almost all the other p...
2018 Nov 22
1
[PATCH] Fix include for xattr.h
The proper file that should be included is `sys/xattr.h` as that comes from
`glibc` and not `attr/xattr.h` which ships with the `attr` utility.
New enough `attr` utility (at least 2.4.48 in my case) even includes a #warning
in `attr/xattr.h` for projects that still have this mistake in the code.
---
daemon/xattr.c | 8 ++------
fuse/test-fu...
2023 Mar 14
2
[PATCH v8 2/6] ocfs2: Switch to security_inode_init_security()
From: Roberto Sassu <roberto.sassu at huawei.com>
In preparation for removing security_old_inode_init_security(), switch to
security_inode_init_security().
Extend the existing ocfs2_initxattrs() to take the
ocfs2_security_xattr_info structure from fs_info, and populate the
name/value/len triple with the first xattr provided by LSMs.
As fs_info was not used before, ocfs2_initxattrs() can now handle the case
of replicating the behavior of security_old_inode_init_security(), i.e.
just obt...
2009 May 03
2
[PATCH] ocfs2: Don't print error when listing too many xattrs.
Currently, when listing xattrs, kernel define XATTR_LIST_MAX as 65536
in include/linux/limits.h, so it can't handle too many xattrs.
But with ocfs2 xattr tree, we actually have no limit for the number.
And it will pollute the message with something like this when listing.
(27738,0):ocfs2_iterate_xattr_buckets:3158 ERROR: s...
2014 Jul 26
2
Concern: rsync failing to find some attributes in a file transfer?
...n 3.1.0 protocol version 31
Copyright (C) 1996-2013 by Andrew Tridgell, Wayne Davison, and others.
Web site: http://rsync.samba.org/
Capabilities:
64-bit files, 64-bit inums, 64-bit timestamps, 64-bit long ints,
socketpairs, hardlinks, symlinks, IPv6, batchfiles, inplace,
append, ACLs, xattrs, iconv, symtimes, prealloc, no SLP
> uname -a
Linux Ishtar 3.15.6-Isht-Van #1 SMP PREEMPT Sat Jul 19 12:31:28 PDT 2014
x86_64 x86_64 x86_64 GNU/Linux
File system info:
> xfs_info /home
meta-data=/dev/mapper/Data-Home isize=512 agcount=32,
agsize=12582896 blks
=...
2007 Apr 07
2
xattrs questions
I see that rsync will eventually support extended attributes, which
will be great.
But: will it allow backup from a file system that supports xattrs, to
one that does not?
For this to work, rsync would have to represent the xattrs on the
destination machine
in some special format, I suppose, which is outside the usual rsync
mode of operation.
Moreover, even if both machines support xattrs, their might be
restrictions and
subtle differ...
2023 Jan 25
2
[PATCH 00/12] acl: remove remaining posix acl handlers
Hey everyone,
after we finished the introduction of the new posix acl api last cycle
we still left the generic POSIX ACL xattr handler around for two
reasons. First, because a few filesystems relied on the ->list() method
of the generic POSIX ACL xattr handlers in their ->listxattr() inode
operation. Second, during inode initalization in inode_init_always() the
registered xattr handlers in sb->s_xattr are used to...
2009 Feb 08
1
[PATCH] ocfs2/security: Check xattr support in security_init.
If the system supports selinux, we will return sucessfully from
ocfs2_init_security_get if it is called for the mount point.
And in that case if the volume doesn't have xattr support, we
will not be able to create a new inode in the mount dir because
ocfs2_mknod will try to set security attributes for a new created
inode. This patch check xattr support in ocfs2_init_security_get,
so it will let ocfs2_mknod knows that we don't support xattr and
it don't need to i...
2009 Mar 09
4
[PATCH] ocfs2: Use xs->bucket to set xattr value outside.
Tristan,
could you please run your xattr test against it?
xs->base used to be allocated a 4K size and all the contents in the
bucket are copied to the it. So in ocfs2_xattr_bucket_set_value_outside,
we are safe to use xs->base + offset. Now we use ocfs2_xattr_bucket to
abstract xattr bucket and xs->base is initialized to the sta...
2008 Dec 04
4
DO NOT REPLY [Bug 5939] New: rsync: delete of stat xattr failed for ... (in backup): Operation not permitted (1)
https://bugzilla.samba.org/show_bug.cgi?id=5939
Summary: rsync: delete of stat xattr failed for ... (in backup):
Operation not permitted (1)
Product: rsync
Version: 3.0.4
Platform: Other
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P3
Component: core
AssignedTo:...
2009 Mar 04
5
[PATCH 0/2] ocfs2: two bug fixes about xattr and inline-data
Mark and Joel,
I found two serious bugs about xattr and inline-data.
the first bug:
in ocfs2_mknod(), we check and found the ACL or security xattr entry
could be set into inode in ocfs2_calc_xattr_init(), then don't reserve
block for them. But in ocfs2_mknod_locked(), if we found ocfs2 support
inline-data, then set id_count with the max_inli...
2019 Sep 17
1
Filter when using --xattrs?
Hi! I'm new here, so I ask for your patience :)
Some xattrs can't be copied between filesystems. For instance, compressed btrfs has a "btrfs.compression" xattr.
When rsync -X is used in this situation, it exits with error code 23 (partial file/attr), which seems dangerous to be ignored.
Would it be reasonable to filter filesystem-specific fl...
2023 Feb 21
0
[PATCH v7 2/6] ocfs2: Switch to security_inode_init_security()
...to Sassu wrote:
> > > From: Roberto Sassu <roberto.sassu at huawei.com>
> > >
> > > In preparation for removing security_old_inode_init_security(), switch to
> > > security_inode_init_security().
> > >
> > > Extend the existing ocfs2_initxattrs() to take the
> > > ocfs2_security_xattr_info structure from fs_info, and populate the
> > > name/value/len triple with the first xattr provided by LSMs.
> >
> > Hi Mark, Joel, Joseph
> >
> > some time ago I sent this patch set to switch to the newer
>...
2008 Oct 26
1
[PATCH 1/1] ocfs2/xattr: Proper hash collision handle in bucket division.v3
Modification from V2 to V3:
Use a more pefect code suggested by Joel. Thank Joel for it.
In ocfs2/xattr, we must make sure the xattrs which have the same
hash value exist in the same bucket so that the search schema can
work. But in the old implementation, when we want to extend a bucket,
we just move half number of xattrs to the new bucket. This works
in most cases, but if we are lucky enough we wil...
2015 Jan 02
2
(no subject)
Hi, we needed these changes when we had to build a guest image
compatible with a starting guest image but not backed by it in any way?
We needed some tool to check our progress, comparing original and?
rebuilt (from scratch) images, and virt-diff seemed the best option, but?
we had to soften the comparison to reduce the noise in the output. I
added some options to ignore certain informations when