From: Demi Marie Obenour <demi@invisiblethingslab.com>
To: Milan Broz <gmazyland@gmail.com>,
Alasdair Kergon <agk@redhat.com>,
Mike Snitzer <snitzer@kernel.org>,
dm-devel@redhat.com
Cc: linux-kernel@vger.kernel.org
Subject: Re: [dm-devel] [PATCH v2 3/4] dm ioctl: Allow userspace to suppress uevent generation
Date: Sun, 25 Jun 2023 12:02:29 -0400 [thread overview]
Message-ID: <ZJhlGCP0gTz7T3gG@itl-email> (raw)
In-Reply-To: <0b22e328-40e1-54d7-367c-96059a3fef7c@gmail.com>
[-- Attachment #1: Type: text/plain, Size: 1648 bytes --]
On Sun, Jun 25, 2023 at 03:25:38PM +0200, Milan Broz wrote:
> On 6/25/23 01:09, Demi Marie Obenour wrote:
> > Userspace can use this to avoid spamming udev with events that udev
> > should ignore.
>
> Well, does it also mean that udev will not create /dev/disk/by-* symlinks
> (as response to the change udev event followed by internal udev blkid scan)?
In the use-case I have for this feature (block devices for Qubes VMs)
the blkid scan is unwanted and there are udev rules to prevent this.
> If it is a private device, that is ok. But for a visible device I think
> that it breaks some assumptions in userspace (presence of symlinks mentioned
> above etc).
The devices I am considering are implementation details of a userspace
process. Nobody else should be opening them. Ideally, no other
userspace process would even know they exist, at least without mucking
around in /proc or using ptrace.
> So, what is the exact use for this patch?
Ephemeral devices that are created, opened, marked for deferred removal,
assigned to a Xen VM (needs another patch currently being worked on),
and then closed. udev has no business scanning these devices, and
indeed for it to scan them at all would be a security vulnerability
since their contents are under guest control. There are udev rules to
ignore these devices, but for udev to even process the event wastes CPU
time and delays processing of other events that actually matter. The
only symlink that possibly ought to be created is /dev/disk/by-diskseq
and I can just do that myself.
--
Sincerely,
Demi Marie Obenour (she/her/hers)
Invisible Things Lab
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
WARNING: multiple messages have this Message-ID (diff)
From: Demi Marie Obenour <demi@invisiblethingslab.com>
To: Milan Broz <gmazyland@gmail.com>,
Alasdair Kergon <agk@redhat.com>,
Mike Snitzer <snitzer@kernel.org>,
dm-devel@redhat.com
Cc: linux-kernel@vger.kernel.org
Subject: Re: [dm-devel] [PATCH v2 3/4] dm ioctl: Allow userspace to suppress uevent generation
Date: Sun, 25 Jun 2023 12:02:29 -0400 [thread overview]
Message-ID: <ZJhlGCP0gTz7T3gG@itl-email> (raw)
In-Reply-To: <0b22e328-40e1-54d7-367c-96059a3fef7c@gmail.com>
[-- Attachment #1.1: Type: text/plain, Size: 1648 bytes --]
On Sun, Jun 25, 2023 at 03:25:38PM +0200, Milan Broz wrote:
> On 6/25/23 01:09, Demi Marie Obenour wrote:
> > Userspace can use this to avoid spamming udev with events that udev
> > should ignore.
>
> Well, does it also mean that udev will not create /dev/disk/by-* symlinks
> (as response to the change udev event followed by internal udev blkid scan)?
In the use-case I have for this feature (block devices for Qubes VMs)
the blkid scan is unwanted and there are udev rules to prevent this.
> If it is a private device, that is ok. But for a visible device I think
> that it breaks some assumptions in userspace (presence of symlinks mentioned
> above etc).
The devices I am considering are implementation details of a userspace
process. Nobody else should be opening them. Ideally, no other
userspace process would even know they exist, at least without mucking
around in /proc or using ptrace.
> So, what is the exact use for this patch?
Ephemeral devices that are created, opened, marked for deferred removal,
assigned to a Xen VM (needs another patch currently being worked on),
and then closed. udev has no business scanning these devices, and
indeed for it to scan them at all would be a security vulnerability
since their contents are under guest control. There are udev rules to
ignore these devices, but for udev to even process the event wastes CPU
time and delays processing of other events that actually matter. The
only symlink that possibly ought to be created is /dev/disk/by-diskseq
and I can just do that myself.
--
Sincerely,
Demi Marie Obenour (she/her/hers)
Invisible Things Lab
[-- Attachment #1.2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
[-- Attachment #2: Type: text/plain, Size: 98 bytes --]
--
dm-devel mailing list
dm-devel@redhat.com
https://listman.redhat.com/mailman/listinfo/dm-devel
next prev parent reply other threads:[~2023-06-25 16:02 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-24 23:09 [PATCH v2 0/4] Diskseq support in device-mapper Demi Marie Obenour
2023-06-24 23:09 ` [dm-devel] " Demi Marie Obenour
2023-06-24 23:09 ` [PATCH v2 1/4] dm ioctl: Allow userspace to opt-in to strict parameter checks Demi Marie Obenour
2023-06-24 23:09 ` [dm-devel] " Demi Marie Obenour
2023-06-24 23:09 ` [PATCH v2 2/4] dm ioctl: Allow userspace to provide expected diskseq Demi Marie Obenour
2023-06-24 23:09 ` [dm-devel] " Demi Marie Obenour
2023-06-25 11:23 ` Markus Elfring
2023-06-25 17:39 ` Demi Marie Obenour
2023-06-25 17:39 ` [dm-devel] " Demi Marie Obenour
2023-06-26 12:59 ` Dan Carpenter
2023-06-26 12:59 ` [dm-devel] " Dan Carpenter
2023-06-26 13:30 ` [dm-devel] [v2 " Markus Elfring
2023-06-26 14:51 ` Dan Carpenter
2023-06-26 14:51 ` [dm-devel] " Dan Carpenter
2023-06-26 15:19 ` Markus Elfring
2023-06-26 16:20 ` [dm-devel] [PATCH v2 " Markus Elfring
2023-06-27 6:14 ` Dan Carpenter
2023-06-27 6:14 ` [dm-devel] " Dan Carpenter
2023-06-27 7:19 ` [dm-devel] [v2 " Markus Elfring
2023-06-24 23:09 ` [PATCH v2 3/4] dm ioctl: Allow userspace to suppress uevent generation Demi Marie Obenour
2023-06-24 23:09 ` [dm-devel] " Demi Marie Obenour
2023-06-25 13:25 ` Milan Broz
2023-06-25 13:25 ` Milan Broz
2023-06-25 16:02 ` Demi Marie Obenour [this message]
2023-06-25 16:02 ` Demi Marie Obenour
2023-06-25 16:33 ` Milan Broz
2023-06-25 16:33 ` Milan Broz
2023-06-25 16:43 ` Demi Marie Obenour
2023-06-25 16:43 ` Demi Marie Obenour
2023-06-25 17:13 ` Milan Broz
2023-06-25 17:13 ` Milan Broz
2023-06-24 23:09 ` [PATCH v2 4/4] dm ioctl: inform caller about already-existing device Demi Marie Obenour
2023-06-24 23:09 ` [dm-devel] " Demi Marie Obenour
2024-01-15 17:56 ` [dm-devel] [PATCH v2 0/4] Diskseq support in device-mapper Martin Wilck
2024-01-15 21:44 ` Demi Marie Obenour
2024-01-16 8:00 ` Martin Wilck
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZJhlGCP0gTz7T3gG@itl-email \
--to=demi@invisiblethingslab.com \
--cc=agk@redhat.com \
--cc=dm-devel@redhat.com \
--cc=gmazyland@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=snitzer@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.