Google Git
Sign in
fuchsia / integration / 47c5e0ab0d29786b832f59575a1744322aeb7632
commit47c5e0ab0d29786b832f59575a1744322aeb7632[log] [tgz]
authorWez <wez@fuchsia.infra.roller.google.com>Mon Sep 02 20:24:29 2024 +0000
committerCopybara-Service <copybara-worker@google.com>Mon Sep 02 13:26:09 2024 -0700
tree42da80310e43f128b53623c27b26b76a64c22fdf
parentb9894ba3a21f77996e708ff38b88e04f3af428ed [diff]
[roll] Roll fuchsia [starnix][selinux] Rename & better integrate new-node hook

Integrate fs_node_init_security_and_xattr() hook with the DirEntry
code path in which the file system is requested to instantiate the
`FsNode` (versus it already being found in the cache). This allows
creation of new files to be observed, and labels to be applied
based on appropriate context (e.g. fs_use_trans/xattr labelling
based on the creating task & parent inode). Because this hook is
also invoked when a file system returns a previously-used `FsNode`
to re-insert into the cache, there is currently a special-case
for calls for nodes with pre-existing labels.

Introduce an fs_node_init_root_security() hook with no dependency
on CurrentTask, to allow the root node of fs_use_trans/xattr
labeled file systems to have the appropriate label set. This will
eventually be folded into the fs_node_init_security_and_xattr()
once the CurrentTask dependency can be resolved.

Both hooks are initially hard-coded to only attempt to label nodes
in the "tmpfs" filesystem, until policy-specified labelling
information is made available.

Original-Bug: 355809976
Original-Reviewed-on: https://fuchsia-review.googlesource.com/c/fuchsia/+/1103632
Original-Revision: 36e2276d1b96487eb702daadb3b145b093e3e8ba
GitOrigin-RevId: 691e1e17bdcf7a528580d655692d7b09568e438d
Change-Id: Ied56bb5c212ec12dd66b3ccabcd8daeb7aa1dcc2
1 file changed
tree: 42da80310e43f128b53623c27b26b76a64c22fdf
  1. ctf/
  2. git-hooks/
  3. infra/
  4. third_party/
  5. cts
  6. firmware
  7. flower
  8. jiri.lock
  9. MILESTONE
  10. minimal
  11. prebuilts
  12. README.md
  13. stem
  14. test_durations
  15. toolchain
README.md

Integration

This repository contains Fuchsia's Global Integration manifest files.

Making changes

All changes should be made to the internal version of this repository. Our infrastructure automatically updates this version when the internal one changes.

Currently all changes must be made by a Google employee. Non-Google employees wishing to make a change can ask for assistance via the IRC channel #fuchsia on Freenode.

Obtaining the source

First install Jiri.

Next run:

$ jiri init
$ jiri import minimal https://fuchsia.googlesource.com/integration
$ jiri update

Third party

Third party projects should have their own subdirectory in ./third_party.