[PATCH v5] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing
Al Viro
viro at zeniv.linux.org.uk
Sat Nov 19 08:48:20 UTC 2022
On Thu, Nov 10, 2022 at 11:09:27AM +0000, David Howells wrote:
> When NFS superblocks are created by automounting, their LSM parameters
> aren't set in the fs_context struct prior to sget_fc() being called,
> leading to failure to match existing superblocks.
>
> Fix this by adding a new LSM hook to load fc->security for submount
> creation when alloc_fs_context() is creating the fs_context for it.
FWIW, it feels like security_sb_mnt_opts_compat() would be a saner place
for that. It would need to get struct dentry *reference passed to it,
but that should be it...
More information about the Linux-security-module-archive
mailing list