[systemd-devel] [PATCH] core: mount only 4 partition in mount_setup_early()

Łukasz Stelmach l.stelmach at samsung.com
Thu Aug 7 03:23:13 PDT 2014 

It was <2014-08-06 śro 14:53>, when Sangjung Woo wrote:
> systemd doesn't mount smackfs if systemd was compiled without Smack
> support. However, the number of mount point entry in mount_setup_early()
> (i.e. N_EARLY_MOUNT) is 5 since smackfs is included. N_EARLY_MOUNT
> should be 4 because currently smackfs is optional.
>
> Signed-off-by: Sangjung Woo <sangjung.woo at samsung.com>
> ---
>  src/core/mount-setup.c |    2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/src/core/mount-setup.c b/src/core/mount-setup.c
> index 206f89a..f15647b 100644
> --- a/src/core/mount-setup.c
> +++ b/src/core/mount-setup.c
> @@ -64,7 +64,7 @@ typedef struct MountPoint {
>  /* The first three entries we might need before SELinux is up. The
>   * fourth (securityfs) is needed by IMA to load a custom policy. The
>   * other ones we can delay until SELinux and IMA are loaded. */
> -#define N_EARLY_MOUNT 5
> +#define N_EARLY_MOUNT 4

AFAIR smackfs needs to be one of those early mounted. At least that is
what ffbd2c4d suggests.
  
>  static const MountPoint mount_table[] = {
>          { "sysfs",      "/sys",                      "sysfs",      NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV,

As strange as it may seem this is not a bug (at least it doesn't seem to
hurt). In the mount_setup_early() function there is this for() loop:

    for (i = 0; i < N_EARLY_MOUNT; i ++) {
 
which means when it iterates iterates the mount_table[]

static const MountPoint mount_table[] = {
        { "sysfs",      "/sys", [...]},
        { "proc",       "/proc", [...]},
        { "devtmpfs",   "/dev", [...]},
        { "securityfs", "/sys/kernel/security", [...]},
#ifdef HAVE_SMACK,
        { "smackfs",    "/sys/fs/smackfs", [...]},
        { "tmpfs",      "/dev/shm", [...]},
#endif,
        { "tmpfs",      "/dev/shm", [...]},
        [...]
};

with Smack *enabled*, it attempts to mount: /sys (0), /proc (1), /dev
(2), /sys/kernel/security (3), /sys/fs/smackfs (4). Then it
stops. Without HAVE_SMACK and N_EARLY_MOUNT equal 5 the last filesystem
mounted is /dev/shm which wasn't mounted before ffbd2c4d but if it is it
doesn't cause any problems, does it? If you really do not want to mount
/dev/shm enclose the definition of N_EARLY_MOUNT as 5 in ifdef on
HAVE_SMACK and set it to 4 without Smack.

-- 
Łukasz Stelmach
Samsung R&D Institute Poland
Samsung Electronics
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 489 bytes
Desc: not available
URL: <http://lists.freedesktop.org/archives/systemd-devel/attachments/20140807/86c11d35/attachment.sig>

More information about the systemd-devel mailing list