mako kernel doesn't support xattrs in the security namespace
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux-mako (Ubuntu) |
Fix Released
|
Undecided
|
Tim Gardner | ||
Trusty |
Fix Released
|
Undecided
|
Tim Gardner | ||
linux-manta (Ubuntu) |
Fix Released
|
Undecided
|
Tim Gardner | ||
Trusty |
Fix Released
|
Undecided
|
Tim Gardner |
Bug Description
Attempting on a mako device to setfattr on a file with the security namespace fails with EOPNOTSUPP:
$ sudo setfattr -h -n security.sdtest -v hello testfile
setfattr: testfile: Operation not supported
but the 'trusted' and 'user' namespaces work properly:
$ sudo setfattr -h -n user.sdtest -v hello testfile
$ sudo getfattr -h -n user.sdtest testfile
# file: testfile
user.
strace'ing the setfaddr command shows the following:
lsetxattr(
This is not the case for other kernels based off an android kernel. e.g. it works fine on a grouper device.
$ uname -a
Linux ubuntu-phablet 3.4.0-5-mako #26-Ubuntu SMP PREEMPT Tue Feb 25 19:23:05 UTC 2014 armv7l armv7l armv7l GNU/Linux
Steps to reproduce:
$ dd if=/dev/zero of=test.img bs=4096 count=4096
4096+0 records in
4096+0 records out
16777216 bytes (17 MB) copied, 0.181383 s, 92.5 MB/s
$ mkfs.ext3 -q -F test.img
$ mkdir mountpoint
$ sudo mount -o loop,user_xattr test.img mountpoint
[sudo] password for phablet:
$ mount | grep mountpoint
/home/
$ cd mountpoint/
$ sudo touch testfile
$ sudo setfattr -h -n security.sdtest -v hello testfile # this command fails on mako, not on grouper
setfattr: testfile: Operation not supported
$ sudo setfattr -h -n trusted.sdtest -v hello testfile
$ sudo getfattr -h -n trusted.sdtest testfile
# file: testfile
trusted.
It fails regardless of whether the filesystem is ext3 or ext4.
(There are apparmor tests that exercise this functionality, which is how it was noticed.)
affects: | linux (Ubuntu Trusty) → linux-mako (Ubuntu Trusty) |
Changed in linux-mako (Ubuntu Trusty): | |
assignee: | nobody → Tim Gardner (timg-tpi) |
status: | Confirmed → In Progress |
Changed in linux-manta (Ubuntu Trusty): | |
assignee: | nobody → Tim Gardner (timg-tpi) |
status: | New → In Progress |
Changed in linux-mako (Ubuntu Trusty): | |
status: | In Progress → Fix Committed |
Changed in linux-manta (Ubuntu Trusty): | |
status: | In Progress → Fix Committed |
Status changed to 'Confirmed' because the bug affects multiple users.