Red Hat Bugzilla – Bug 103489
/bin/ls fails on reiserfs with WITH_SELINUX (also performance issue)
Last modified: 2007-04-18 12:57:17 EDT
Description of problem:
In ls.c, function gobble_file(), there are 2 #ifdefs for SELINUX that include
cals for getfilecon() and lgetfilecon() respectively. The problem is that
although the global variable format_needs_stat is correctly set up, the code in
gobble_file() will call the ?getfilecon() functions on *ANY* needs_stat file,
even if we're doing just an 'ls -l' and did *not* ask for one of the selinux
extensions. This has two implications:
a) We're doing (probably expensive) calls every time, even when not needed.
This is a performance issue.
b) It's quite possible to try to 'ls' a directory on a filesystem that doesn't
support extended attributes (Reiserfs, JFS, or XFS, for example). This will get
an 'op not supported' error on the getfilecon() and kill the ls while we're
retrieving data the user didn't even ask for.
Version-Release number of selected component (if applicable):
Build with WITH_SELINUX, then try to 'ls' a filesystem that doesn't support
Steps to Reproduce:
Totally untested, but "looks right" patch attached.
Created attachment 94109 [details]
Patch to only use getfilecon() if actually needed
Blech. Somebody check the precidence rules - that 'format == security_format'
might need another set of parens around it.
This has been fixed in the latest release.
Basically the security context will say none if the file system does not support