[systemd-devel] [PATCH] smack: check smack cache after /sys mount
WaLyong Cho
walyong.cho at samsung.com
Wed Jul 16 19:50:49 PDT 2014
On 07/17/2014 04:40 AM, Zbigniew Jędrzejewski-Szmek wrote:
> On Thu, Jul 17, 2014 at 01:29:38AM +0900, WaLyong Cho wrote:
>> use_smack_cached is capability of smack. That is not changed on
>> runtime. So that should be a cache for performance. But the cache is
>> updated as wrong value(maybe 0) upon calling first mount_one. At this
>> time, until v210 "/proc" will be tried. After v211 "/sys" will be
>> tried. But both of first trial of mount_one "/sys" is NOT mounted
>> yet. Because even if the first trial is "/sys", use_smack is called
>> before mount by label_mkdir. So the cache will always have 0.
>> To avoid, smack cache should be updated when only "/sys" is mounted
>> and smack cache is have initial value.
>> ---
> Is this still an issue after http://cgit.freedesktop.org/systemd/systemd/commit/?id=d1d8e5d49f?
>
I had used v210 with commit which you mentioned. But was not resolved.
Today, I tried to check again and I found:
http://cgit.freedesktop.org/systemd/systemd/commit/?id=c4bfd1691f4d3e26d6d7f34dbca941e119956e8a
Sorry for my lack of inspection. Now it was cleared.
Thanks for review.
>
>> - if (use_smack_cached < 0)
>> + if (use_smack_cached < 0 &&
>> + path_is_mount_point("/sys", false) > 0)
>> use_smack_cached = access("/sys/fs/smackfs/", F_OK) >= 0;
>
> Like it was said before, if this check is done at any point before
> it can return a valid result, *something* will be done wrong by systemd.
> So the only option is to fix it or delay all callers to always have
> a valid result.
>
> Zbyszek
> _______________________________________________
> systemd-devel mailing list
> systemd-devel at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/systemd-devel
>
More information about the systemd-devel
mailing list