From mboxrd@z Thu Jan 1 00:00:00 1970 From: Seth Forshee Subject: Re: [PATCH review 02/13] mnt: Refactor fs_fully_visible into mount_too_revealing Date: Wed, 22 Jun 2016 14:40:50 -0500 Message-ID: <20160622194050.GD125285@ubuntu-hedt> References: <87fus77pns.fsf@x220.int.ebiederm.org> <20160620172130.15712-1-ebiederm@xmission.com> <20160620172130.15712-2-ebiederm@xmission.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: Content-Disposition: inline In-Reply-To: <20160620172130.15712-2-ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org> List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: containers-bounces-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org Errors-To: containers-bounces-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org To: "Eric W. Biederman" Cc: Miklos Szeredi , Linux Containers , Andy Lutomirski , James Bottomley , linux-fsdevel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, Djalal Harouni List-Id: containers.vger.kernel.org On Mon, Jun 20, 2016 at 12:21:19PM -0500, Eric W. Biederman wrote: > Replace the call of fs_fully_visible in do_new_mount from before the > new superblock is allocated with a call of mount_too_revealing after > the superblock is allocated. This winds up being a much better location > for maintainability of the code. > > The first change this enables is the replacement of FS_USERNS_VISIBLE > with SB_I_USERNS_VISIBLE. Moving the flag from struct filesystem_type > to sb_iflags on the superblock. > > Unfortunately mount_too_revealing fundamentally needs to touch > mnt_flags adding several MNT_LOCKED_XXX flags at the appropriate > times. If the mnt_flags did not need to be touched the code > could be easily moved into the filesystem specific mount code. > > Signed-off-by: "Eric W. Biederman" Acked-by: Seth Forshee From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-oi0-f52.google.com ([209.85.218.52]:33731 "EHLO mail-oi0-f52.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750885AbcFVTlA (ORCPT ); Wed, 22 Jun 2016 15:41:00 -0400 Received: by mail-oi0-f52.google.com with SMTP id u201so37991183oie.0 for ; Wed, 22 Jun 2016 12:40:52 -0700 (PDT) Date: Wed, 22 Jun 2016 14:40:50 -0500 From: Seth Forshee To: "Eric W. Biederman" Cc: Linux Containers , linux-fsdevel@vger.kernel.org, Miklos Szeredi , James Bottomley , Djalal Harouni , "Serge E. Hallyn" , Andy Lutomirski Subject: Re: [PATCH review 02/13] mnt: Refactor fs_fully_visible into mount_too_revealing Message-ID: <20160622194050.GD125285@ubuntu-hedt> References: <87fus77pns.fsf@x220.int.ebiederm.org> <20160620172130.15712-1-ebiederm@xmission.com> <20160620172130.15712-2-ebiederm@xmission.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20160620172130.15712-2-ebiederm@xmission.com> Sender: linux-fsdevel-owner@vger.kernel.org List-ID: On Mon, Jun 20, 2016 at 12:21:19PM -0500, Eric W. Biederman wrote: > Replace the call of fs_fully_visible in do_new_mount from before the > new superblock is allocated with a call of mount_too_revealing after > the superblock is allocated. This winds up being a much better location > for maintainability of the code. > > The first change this enables is the replacement of FS_USERNS_VISIBLE > with SB_I_USERNS_VISIBLE. Moving the flag from struct filesystem_type > to sb_iflags on the superblock. > > Unfortunately mount_too_revealing fundamentally needs to touch > mnt_flags adding several MNT_LOCKED_XXX flags at the appropriate > times. If the mnt_flags did not need to be touched the code > could be easily moved into the filesystem specific mount code. > > Signed-off-by: "Eric W. Biederman" Acked-by: Seth Forshee