Received: by 2002:a25:31c3:0:0:0:0:0 with SMTP id x186csp459986ybx; Mon, 4 Nov 2019 23:57:45 -0800 (PST) X-Google-Smtp-Source: APXvYqydVV71YM7z03ujU59Yxeftif8FhUBYySOzenjz8k7kl3fCVrY/kvW3AzkOgm6jH1QxuyXW X-Received: by 2002:a17:906:66ce:: with SMTP id k14mr27444758ejp.92.1572940665228; Mon, 04 Nov 2019 23:57:45 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1572940665; cv=none; d=google.com; s=arc-20160816; b=JCEpGC9D46KK4HCXA1s0z2lfmtfD4LCCxu/2qE7Dwoqeb5J8uI2sJX+iTmn+gMeom+ ujeiMgDKWKr3wSyDzckqH891ppgH+v6MqXRsZisoAVKOWSqhhVaUNJuiqXTeeZRrJJB3 o9xu0ZQQQiyV7QTx7hsS9f9B1XYe/rQepjyuNZKLwkwSULhces+5effNp6YjomRIOnd4 2qZ6GclHkbCosBQN2+GePiafoeXTeMdCT1vG3Yi5UntLhYyOu7maVGi17tGMyN+q9tp3 epSvlr3JJF4IZ0w61HE7w1d22MGcIlWqxBQoM8fiqYljQmrvKaHvpjEAh9B0AOA3aj+P eXLw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=9Sw1HL7Q7exzJotrSp6tCwUKxBPvJqTFu7l+7aIJqKg=; b=AoA26xwhuqF1XgTONVy6mp6aaANWHZVgCp+t6TpyRsrNbS/nLf6LM3wX40DBCqzB0h ls9MPdyl5SCcEbYmRl3dlOTGUmqLBCmrqGDTns40ps1snov/690UpnqH4E4bV/HVe2z5 CgXhntvHO64bMj8v+ojz/KnOhZQ6Gg4nXzcOJ6nYcNvoLLwoV/fCGPONczdml/OUmTKE t4/hhyUmD87NjJyHeESux0XRhbUchz7kDMFUQyR35mTxeuVH7cGXXmVqSBLAKB5vzO8t JBL9vbp/G9Xf2g1QtQAeY68SjDAlnp4Kef9aoUJyBNPtSP3K/HClvaw6yO6bVwdIZLEu 3MiA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=OVbPVVm7; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 1si13695856ejt.404.2019.11.04.23.57.21; Mon, 04 Nov 2019 23:57:45 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=OVbPVVm7; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2387980AbfKEH4Q (ORCPT + 99 others); Tue, 5 Nov 2019 02:56:16 -0500 Received: from mail-yw1-f66.google.com ([209.85.161.66]:43400 "EHLO mail-yw1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2387711AbfKEH4Q (ORCPT ); Tue, 5 Nov 2019 02:56:16 -0500 Received: by mail-yw1-f66.google.com with SMTP id g77so7978300ywb.10; Mon, 04 Nov 2019 23:56:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=9Sw1HL7Q7exzJotrSp6tCwUKxBPvJqTFu7l+7aIJqKg=; b=OVbPVVm7K3EvDzJQwMdKxlvHSCl4q1LrRSoYZWY30q7dVSRRnQU3Q5Z4HurO+gsw4P pzlSjByiXPf19mwvaoSpHm8NX6Dbcrydpe0WFARfJPEeocp6h7juG2JThGeOburIUCoO O/J8CBV3FIQDdnNpdBVVbMV1lxDxivXtW+Lsn60q0tK/lI1YAAaSw6pdCL8gpVLzrRoG izBdrJVoPKJKZ5IE/mnvo0zHCKiiIvqAAFYUVUu6CzXC3NJVRsYlqDatf8H/82UAvK5v 78dkgGlhzy5wOx/51udKlV1AC019OtTMyeZSm6grUBaAAUorOJV6cW3NVROmRAUlMzHJ ZFpQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=9Sw1HL7Q7exzJotrSp6tCwUKxBPvJqTFu7l+7aIJqKg=; b=Oz+N4Pv68/5K6r7DHYOHRlDt1Kl+8llZk5Bh4eUkXd5FVcF7Yk04sjeYdkCRloDUAf 8xR9lnKxSIoy/LxyNamEE1XKBxlUf9/WPEdKVu0/eAr8aFTzkfomHEQdXur+E+9yEKX7 c7osrWNwUBQnpDBUqFtGukIvJz9lmG7THsN2jSPekMBp+hrDRoHw9M88q+Bd97n9xRfA G53i5d4eF2I+4XTuj4UTRgmmbWcAEwRlasDgIysB2R+7jQHaEnXN22fv6xCou2NyYu4M V9uxxGzT5GINhAtQyoGhja20o3yHONvleppi+aNJTVtQ6qoQlPL5LrViP8h0bclYbUHn JmVQ== X-Gm-Message-State: APjAAAUc1ZstRNOWmnmumJXC3zmsYlFYdApDcl1ARjCZEEa2dDiVkpT1 t15igAG4JgvABaPzc0BeLfzZIdJ1aT+36T2Qyi4= X-Received: by 2002:a81:2f0f:: with SMTP id v15mr12058238ywv.183.1572940575277; Mon, 04 Nov 2019 23:56:15 -0800 (PST) MIME-Version: 1.0 References: <20191104215253.141818-1-salyzyn@android.com> In-Reply-To: <20191104215253.141818-1-salyzyn@android.com> From: Amir Goldstein Date: Tue, 5 Nov 2019 09:56:04 +0200 Message-ID: Subject: Re: [PATCH v15 0/4] overlayfs override_creds=off & nested get xattr fix To: Mark Salyzyn Cc: linux-kernel , kernel-team@android.com, Miklos Szeredi , Jonathan Corbet , Vivek Goyal , "Eric W . Biederman" , Randy Dunlap , Stephen Smalley , overlayfs , linux-doc@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Nov 4, 2019 at 11:53 PM Mark Salyzyn wrote: > > Patch series: > > Mark Salyzyn (4): > Add flags option to get xattr method paired to __vfs_getxattr Sigh.. did not get to fsdevel (again...) I already told you several times that you need to use a shorter CC list. > overlayfs: handle XATTR_NOSECURITY flag for get xattr method > overlayfs: internal getxattr operations without sepolicy checking > overlayfs: override_creds=off option bypass creator_cred It would be better for review IMO if you rebase your series on top of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs.git ovl-unpriv 1. internal getxattr patch would be a one liner change to ovl_own_getxattr() 2. The documentation of override_creds would be much more meaningful if it used the overlay permission model terminology that Miklos added in his patch set and extend it Thanks, Amir.