[Buildroot] [PATCH 2/2] fs/jffs2: copy xattrs

Antoine Tenart antoine.tenart at bootlin.com
Tue Sep 8 13:16:00 UTC 2020


Hi Thomas,

Quoting Thomas Petazzoni (2020-09-08 11:20:57)
> On Tue,  8 Sep 2020 10:51:06 +0200
> Antoine Tenart <antoine.tenart at bootlin.com> wrote:
> 
> > This patch sets the --with-xattr option when generating an image with
> > mkfs.jffs2 if BR2_PACKAGE_REFPOLICY is selected, so that SELinux
> > security contexts will be kept and available in jffs2 images.
> > 
> > Signed-off-by: Antoine Tenart <antoine.tenart at bootlin.com>
> > ---
> >  fs/jffs2/jffs2.mk | 4 ++++
> >  1 file changed, 4 insertions(+)
> > 
> > diff --git a/fs/jffs2/jffs2.mk b/fs/jffs2/jffs2.mk
> > index 2adbc2320e38..ac00a522cc28 100644
> > --- a/fs/jffs2/jffs2.mk
> > +++ b/fs/jffs2/jffs2.mk
> > @@ -35,6 +35,10 @@ JFFS2_OPTS += -n
> >  SUMTOOL_OPTS += -n
> >  endif
> >  
> > +ifeq ($(BR2_PACKAGE_REFPOLICY),y)
> > +JFFS2_OPTS += --with-xattr
> > +endif
> 
> I'm not sure this condition should be on BR2_PACKAGE_REFPOLICY. Since
> libselinux.mk is in charge of enabling xattr support in the Linux
> kernel filesystem drivers, I'm tempted to say that we should be
> consistent and use BR2_PACKAGE_LIBSELINUX=y as a condition here as well;
> 
> What do you think?

I think you're right. Without BR2_PACKAGE_REFPOLICY we won't have
SELinux security contexts set when making the image, but that doesn't
mean SELinux couldn't be used later on. So I agree having the check on
BR2_PACKAGE_LIBSELINUX would be better (and it's also nice to have the
same check everywhere to improve consistency).

Thanks!

Antoine

-- 
Antoine Ténart, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com


More information about the buildroot mailing list