FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu Kernel Team

 
 
LinkBack Thread Tools
 
Old 05-02-2008, 06:01 PM
Jeff Mahoney
 
Default Btrfs v0.14 Released

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jan Engelhardt wrote:
> On Friday 2008-05-02 18:26, Jeff Mahoney wrote:
>>> To the best of my knowledge, the AppArmor patches are arch and flavour
>>> independent. If CONFIG_SECURITY_APPARMOR exists, then the AA code is
>>> compiled. This is certainly the case for Hardy. Neither Kees or myself
>>> are aware of any reason why it won't also hold true for Intrepid.
>> Grumble. The issue isn't whether AA is enabled, it's whether it's
>> present in the source. Patching the source with AA modifies a bunch of
>> core VFS function prototypes. CONFIG_SECURITY_APPARMOR won't exist if AA
>> isn't enabled, but the prototypes will have changed anyway.
>
> So... add an invisible CONFIG_HAVE_APPARMOR, much like
> CONFIG_X86_HAVE_CMPXCHG (or whatever it's called), and test for that.
> As long as you are not in the mainline kernel, every hack is
> forgiven.

That'll work moving forward, but btrfs also supports older releases.

- -Jeff

- --
Jeff Mahoney
SUSE Labs
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org

iEYEARECAAYFAkgbVv0ACgkQLPWxlyuTD7JLrACfUKFXwh/nYuwDw7oT3lFLs/E7
cNQAn2LQKNJkIc/SDQJJ2ykuvYAg++D8
=1Ami
-----END PGP SIGNATURE-----

--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team
 
Old 05-02-2008, 06:14 PM
"Jeff Schroeder"
 
Default Btrfs v0.14 Released

On Fri, May 2, 2008 at 11:01 AM, Jeff Mahoney <jeffm@suse.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
>
> Jan Engelhardt wrote:
> > On Friday 2008-05-02 18:26, Jeff Mahoney wrote:
> >>> To the best of my knowledge, the AppArmor patches are arch and flavour
> >>> independent. If CONFIG_SECURITY_APPARMOR exists, then the AA code is
> >>> compiled. This is certainly the case for Hardy. Neither Kees or myself
> >>> are aware of any reason why it won't also hold true for Intrepid.
> >> Grumble. The issue isn't whether AA is enabled, it's whether it's
> >> present in the source. Patching the source with AA modifies a bunch of
> >> core VFS function prototypes. CONFIG_SECURITY_APPARMOR won't exist if AA
> >> isn't enabled, but the prototypes will have changed anyway.
> >
> > So... add an invisible CONFIG_HAVE_APPARMOR, much like
> > CONFIG_X86_HAVE_CMPXCHG (or whatever it's called), and test for that.
> > As long as you are not in the mainline kernel, every hack is
> > forgiven.
>
> That'll work moving forward, but btrfs also supports older releases.
>
>
> - -Jeff

So how about this for older releases? It should work on Ubuntu 7.10 or
8.10 installs with apparmor enabled by default:

#if defined(CONFIG_VERSION_SIGNATURE)
# if (LINUX_VERSION_CODE = KERNEL_VERSION(2,6,24)) ||
(LINUX_VERSION_CODE = KERNEL_VERSION(2,6,20))
# define REMOVE_SUID_PATH 1
# endif
#endif

Maybe add a blurb in the install doc about this for users trying to
build ubuntu kernels with no apparmor (probably a rarity).

CONFIG_VERSION_SIGNATURE can be likened to CONFIG_SUSE

--
Jeff Schroeder

Don't drink and derive, alcohol and analysis don't mix.
http://www.digitalprognosis.com

--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team
 
Old 05-02-2008, 08:58 PM
Chris Mason
 
Default Btrfs v0.14 Released

On Friday 02 May 2008, Tim Gardner wrote:
> Chris Mason wrote:
> > On Friday 02 May 2008, Jeff Schroeder wrote:
> >
> > [ Btrfs oops with apparmor patched in ]
> >
> >> Make is not my forte, but here is a working test to see if apparmor
> >> exists in Ubuntu 8.04.
> >> Maybe have make apply a patch to the btrfs source if this test
> >> succeeds? Does this work in SUSE?
> >>
> >> http://www.digitalprognosis.com/opensource/patches/btrfs/lame_apparmor_t
> >>est _for_btrfs.patch
> >
> > Thanks, but this uses CONFIG_SECURITY_APPARMOR which isn't enough to tell
> > if the kernel has the patch. Lets go back to Jeff's suse patch:
> >

I ended up using the CONFIG_SECURITY_APPARMOR test because the other test
suggested here sounded like something that might eventually not be very
ubuntu specific (instead of the nice a plain CONFIG_SUSE_KERNEL).

Thanks to everyone for the hints, if someone could please test:

http://btrfs.wiki.kernel.org/index.php/Hot_Fixes

I'd be grateful.

-chris

--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team
 

Thread Tools




All times are GMT. The time now is 08:56 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org