[PATCH] erofs: impersonate the opener's credentials when accessing backing file
Gao Xiang
hsiangkao at linux.alibaba.com
Thu Jun 12 21:28:54 AEST 2025
Hi Tatsuyuki,
On 2025/6/12 18:18, Tatsuyuki Ishi wrote:
> Previously, file operations on a file-backed mount used the current
> process' credentials to access the backing FD. Attempting to do so on
> Android lead to SELinux denials, as ACL rules on the backing file (e.g.
> /system/apex/foo.apex) is restricted to a small set of process.
> Arguably, this error is redundant and leaking implementation details, as
> access to files on a mount is already ACL'ed by path.
>
> Instead, override to use the opener's cred when accessing the backing
> file. This makes the behavior similar to a loop-backed mount, which
> uses kworker cred when accessing the backing file and does not cause
> SELinux denials.
>
> Signed-off-by: Tatsuyuki Ishi <ishitatsuyuki at google.com>
Thanks for the patch. I think overlayfs uses the similar policy
(mounter's cred), which is the same as the opener's cred here
(because it opens backing file in the mount context), so:
Reviewed-by: Gao Xiang <hsiangkao at linux.alibaba.com>
Thanks,
Gao Xiang
More information about the Linux-erofs
mailing list