Received: by 2002:a05:6a10:6744:0:0:0:0 with SMTP id w4csp5759848pxu;
        Thu, 22 Oct 2020 10:17:12 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJxlmhcVb5XDR0Boug+ouMu1gWBDR78P4H7DOFuG+NtBjFQW2MjDzrVJkVs86B3QhCy7dK4L
X-Received: by 2002:aa7:d992:: with SMTP id u18mr3171495eds.284.1603387032123;
        Thu, 22 Oct 2020 10:17:12 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1603387032; cv=none;
        d=google.com; s=arc-20160816;
        b=KIDrC+1wXaDS/0rT66hQNAlicp5abPr5Zb8MUMx5fa/KEVtwoczN8K6hwrI9Wdxwz2
         yk7p5FC9aBwNMUgk54t8kfx50QIqqlXBprQTGFAiy8GWXQokEyd3T4aO7fXBTJQFJ+u2
         i2oxizk9ZC/f8MRfkO/JhtoUr/VMugogh5PyCg7P6bPQZtROgtxHiNmhCMJmeWpgLPms
         1K2RESWl9qAfhARUBl4HuHjMaLlGXbmR5+5dRvDPaHClnZ16lDLj7caJqWgHQH4gM/pY
         q4S6tpTeyHx+MHOMpyBMPql+BW8q4KmsROfj7vfS8IdRS6c3DPaV6hRFJHi5z2HPI/+v
         aRfw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-language:content-transfer-encoding
         :in-reply-to:mime-version:user-agent:date:message-id:from:references
         :cc:to:subject:dkim-signature;
        bh=c5p1zV1CqKVH8prpsj7PEX/s64deTtbH6mLHz/sTWPo=;
        b=p+Bn1Qv/L2NBtkyJ7cfjPPqMIVVOiQyY0HbluCJ6yDeAGSPUfl9hUWoRtDX5/VmG+y
         9sE7KGs0ki7Irw0kIjgGI78y0QikI1lux9gcvQIM9+ILUws+N+rGAX1bQ1a82Mx+pSub
         m6ESF+u5OHb5McnFP1p5Cp6b+j76LNIeYn8iQyiSf+YoYO35jxD0r/fEchXq+8Xj21+T
         2/SfcLML335T6x2/qSr1f0E1LMK3pMLpjKX9+U6q3Q/zUUI/HhaxopXzcsUI5EZdV9Lw
         p9XcHF9m3K9KjkyZTTub7OpVYG/afe1OQI+n/+rwRQ22oFen6A5Pi6fWh/oPaq8m5yYw
         PJMg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@android.com header.s=20161025 header.b="sPxj/eeS";
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=android.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id g5si1311636edu.574.2020.10.22.10.16.49;
        Thu, 22 Oct 2020 10:17:12 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@android.com header.s=20161025 header.b="sPxj/eeS";
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=android.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S2899470AbgJVNSG (ORCPT
        <rfc822;ArcheFireLinuxKernelMain@gmail.com> + 99 others);
        Thu, 22 Oct 2020 09:18:06 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50504 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S2899459AbgJVNSF (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 22 Oct 2020 09:18:05 -0400
Received: from mail-pj1-x1043.google.com (mail-pj1-x1043.google.com [IPv6:2607:f8b0:4864:20::1043])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 720B2C0613D2
        for <linux-kernel@vger.kernel.org>; Thu, 22 Oct 2020 06:18:05 -0700 (PDT)
Received: by mail-pj1-x1043.google.com with SMTP id o1so1011146pjt.2
        for <linux-kernel@vger.kernel.org>; Thu, 22 Oct 2020 06:18:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=android.com; s=20161025;
        h=subject:to:cc:references:from:message-id:date:user-agent
         :mime-version:in-reply-to:content-transfer-encoding:content-language;
        bh=c5p1zV1CqKVH8prpsj7PEX/s64deTtbH6mLHz/sTWPo=;
        b=sPxj/eeSkGniZwpwGV+0kEAq//Ks1jlWunt480rMLYVSZRIi4xZOoKAn9mkn5HYPkN
         Fkw7AxIajl0UYvbLyw5iKfkrY3DUZs7/K5NVP0ecCTnIx4XoITfdeSBZU9NLP3nJbR+F
         m/CP8lnN5y45pgRiZup/NSe3sXBPCK7l1KQFu1/5XhbAsdix6UTYgjsk5NHZUggsf+R+
         buouCHVOu8EJVTknoEH0SXsWkVrr8c8UNxqUbrsdOW6XsWwDwjpR++Idct8cm2lU+IO3
         4ycrvMIJ47PM0kZ2TAbRvP2JqSFxdRFAQ6RAz6wopnTtNzOjDYWuHQiGClajvFJGWlHo
         G06Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:subject:to:cc:references:from:message-id:date
         :user-agent:mime-version:in-reply-to:content-transfer-encoding
         :content-language;
        bh=c5p1zV1CqKVH8prpsj7PEX/s64deTtbH6mLHz/sTWPo=;
        b=dtROhi7hJxfJS3CWYh1MJitJ53WGBqh5SaK/tJ298Pr67fmF3gAmgQg+VKM/acR9Fk
         2fBa+Nouh1vWZLrDZlGS3jActjN0S0rC92KkU0/XJGAtbYiO5fQkI7UWBBcd+08JeedS
         5vEZzxBuphhrM3YgrxdN8X11IpAKCzQ18hWJYyCGFTCScWi/jEllcz61aSIxvbB7eP9n
         Phwq2aJb1tLsABr/yVUBEk5AZvCqkDyu3BUh3MgWN2zyS4DdcN/5umC5BYVTq/xSQ26y
         0KhLbsPEZRyUqYgieH6NICHbLQGI6GOkBR8Q7Gtq6vPn5NUiNvOLHrKESHWN2uo0/zLR
         d5tA==
X-Gm-Message-State: AOAM532DH+UsvApzLzAh0gqmOZ5+pWcsocmgJ6bTk5ZXJhX+8OWtPyO+
        aO7vBwjWtfq3vAEhOcJ0XZGXZg==
X-Received: by 2002:a17:902:b40a:b029:d5:f77c:fb4e with SMTP id x10-20020a170902b40ab02900d5f77cfb4emr2576354plr.14.1603372684980;
        Thu, 22 Oct 2020 06:18:04 -0700 (PDT)
Received: from nebulus.mtv.corp.google.com ([2620:15c:211:200:4a0f:cfff:fe35:d61b])
        by smtp.googlemail.com with ESMTPSA id w19sm2248589pfn.174.2020.10.22.06.18.03
        (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
        Thu, 22 Oct 2020 06:18:04 -0700 (PDT)
Subject: Re: [RESEND PATCH v18 0/4] overlayfs override_creds=off & nested get
 xattr fix
To:     Eric Biggers <ebiggers@kernel.org>
Cc:     linux-kernel@vger.kernel.org, kernel-team@android.com,
        Miklos Szeredi <miklos@szeredi.hu>,
        Jonathan Corbet <corbet@lwn.net>,
        Vivek Goyal <vgoyal@redhat.com>,
        "Eric W . Biederman" <ebiederm@xmission.com>,
        Amir Goldstein <amir73il@gmail.com>,
        Randy Dunlap <rdunlap@infradead.org>,
        Stephen Smalley <sds@tycho.nsa.gov>,
        John Stultz <john.stultz@linaro.org>,
        linux-doc@vger.kernel.org, linux-fsdevel@vger.kernel.org,
        linux-unionfs@vger.kernel.org,
        linux-security-module@vger.kernel.org, selinux@vger.kernel.org
References: <20201021151903.652827-1-salyzyn@android.com>
 <20201022051914.GI857@sol.localdomain>
From:   Mark Salyzyn <salyzyn@android.com>
Message-ID: <ea67453d-e5de-7c3a-e1da-d1e5ac30b2dd@android.com>
Date:   Thu, 22 Oct 2020 06:18:02 -0700
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101
 Thunderbird/68.12.0
MIME-Version: 1.0
In-Reply-To: <20201022051914.GI857@sol.localdomain>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Content-Language: en-GB
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 10/21/20 10:19 PM, Eric Biggers wrote:
> On Wed, Oct 21, 2020 at 08:18:59AM -0700, Mark Salyzyn wrote:
>> Mark Salyzyn (3):
>>    Add flags option to get xattr method paired to __vfs_getxattr
>>    overlayfs: handle XATTR_NOSECURITY flag for get xattr method
>>    overlayfs: override_creds=off option bypass creator_cred
>>
>> Mark Salyzyn + John Stultz (1):
>>    overlayfs: inode_owner_or_capable called during execv
>>
>> The first three patches address fundamental security issues that should
>> be solved regardless of the override_creds=off feature.
>>
>> The fourth adds the feature depends on these other fixes.
> FYI, I didn't receive patch 4, and neither https://lkml.kernel.org/linux-fsdevel
> nor https://lkml.kernel.org/linux-unionfs have it either.
>
> - Eric

Resent again, thanks.