From: jim owens <jowens@hp.com>
To: joel.becker@oracle.com, linux-fsdevel@vger.kernel.org
Cc: jmorris@namei.org, ocfs2-devel@oss.oracle.com,
viro@zeniv.linux.org.uk, mtk.manpages@gmail.com,
linux-security-module@vger.kernel.org
Subject: Re: [RFC] The reflink(2) system call v4.
Date: Mon, 11 May 2009 19:11:00 -0400 [thread overview]
Message-ID: <4A08B084.3070209@hp.com> (raw)
In-Reply-To: <20090511204011.GB30293@mail.oracle.com>
Joel Becker wrote:
> Here's v4 of reflink(). If you have the privileges, you get the
> full snapshot. If you don't, you must have read access, and then you
> get the entire snapshot (data and extended attributes) except that the
> security context is reinitialized. That's it. It fits with most of the
> other ops, and it's a clean degradation.
I really like this. It has a nice clean user operational definition
and gives them all the snap/cowfile features. And if they had the
privilege to do the reflink(), they can just chattr away :)
jim
> + /*
> + * If the caller has the rights, reflink() will preserve the
> + * security context of the source inode.
> + */
> + if ((current_fsuid() != inode->i_uid) && !capable(CAP_CHOWN))
> + preserve_security = 0;
> + if ((current_fsuid() != inode->i_uid) &&
> + !in_group_p(inode->i_gid) && !capable(CAP_CHOWN))
> + preserve_security = 0;
I have not done a code review, but that appears to be an
editing cut-and-past duplication.
WARNING: multiple messages have this Message-ID (diff)
From: jim owens <jowens@hp.com>
To: joel.becker@oracle.com, linux-fsdevel@vger.kernel.org
Cc: jmorris@namei.org, ocfs2-devel@oss.oracle.com,
viro@zeniv.linux.org.uk, mtk.manpages@gmail.com,
linux-security-module@vger.kernel.org
Subject: [Ocfs2-devel] [RFC] The reflink(2) system call v4.
Date: Mon, 11 May 2009 19:11:00 -0400 [thread overview]
Message-ID: <4A08B084.3070209@hp.com> (raw)
In-Reply-To: <20090511204011.GB30293@mail.oracle.com>
Joel Becker wrote:
> Here's v4 of reflink(). If you have the privileges, you get the
> full snapshot. If you don't, you must have read access, and then you
> get the entire snapshot (data and extended attributes) except that the
> security context is reinitialized. That's it. It fits with most of the
> other ops, and it's a clean degradation.
I really like this. It has a nice clean user operational definition
and gives them all the snap/cowfile features. And if they had the
privilege to do the reflink(), they can just chattr away :)
jim
> + /*
> + * If the caller has the rights, reflink() will preserve the
> + * security context of the source inode.
> + */
> + if ((current_fsuid() != inode->i_uid) && !capable(CAP_CHOWN))
> + preserve_security = 0;
> + if ((current_fsuid() != inode->i_uid) &&
> + !in_group_p(inode->i_gid) && !capable(CAP_CHOWN))
> + preserve_security = 0;
I have not done a code review, but that appears to be an
editing cut-and-past duplication.
next prev parent reply other threads:[~2009-05-11 23:11 UTC|newest]
Thread overview: 304+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-05-03 6:15 [RFC] The reflink(2) system call Joel Becker
2009-05-03 6:15 ` [Ocfs2-devel] " Joel Becker
2009-05-03 6:15 ` [PATCH 1/3] fs: Document the " Joel Becker
2009-05-03 6:15 ` [Ocfs2-devel] " Joel Becker
2009-05-03 8:01 ` Christoph Hellwig
2009-05-03 8:01 ` [Ocfs2-devel] " Christoph Hellwig
2009-05-04 2:46 ` Joel Becker
2009-05-04 2:46 ` [Ocfs2-devel] " Joel Becker
2009-05-04 6:36 ` Michael Kerrisk
2009-05-04 6:36 ` [Ocfs2-devel] " Michael Kerrisk
2009-05-04 7:12 ` Joel Becker
2009-05-04 7:12 ` [Ocfs2-devel] " Joel Becker
2009-05-03 13:08 ` Boaz Harrosh
2009-05-03 13:08 ` [Ocfs2-devel] " Boaz Harrosh
2009-05-03 23:08 ` Al Viro
2009-05-03 23:08 ` [Ocfs2-devel] " Al Viro
2009-05-04 2:49 ` Joel Becker
2009-05-04 2:49 ` [Ocfs2-devel] " Joel Becker
2009-05-03 23:45 ` Theodore Tso
2009-05-03 23:45 ` [Ocfs2-devel] " Theodore Tso
2009-05-04 1:44 ` Tao Ma
2009-05-04 1:44 ` [Ocfs2-devel] " Tao Ma
2009-05-04 18:25 ` Joel Becker
2009-05-04 18:25 ` [Ocfs2-devel] " Joel Becker
2009-05-04 21:18 ` Joel Becker
2009-05-04 21:18 ` Joel Becker
2009-05-04 22:23 ` Theodore Tso
2009-05-04 22:23 ` Theodore Tso
2009-05-05 6:55 ` Joel Becker
2009-05-05 6:55 ` Joel Becker
2009-05-05 1:07 ` Jamie Lokier
2009-05-05 1:07 ` [Ocfs2-devel] " Jamie Lokier
2009-05-05 7:16 ` Joel Becker
2009-05-05 7:16 ` [Ocfs2-devel] " Joel Becker
2009-05-05 8:09 ` Andreas Dilger
2009-05-05 8:09 ` [Ocfs2-devel] " Andreas Dilger
2009-05-05 16:56 ` Joel Becker
2009-05-05 16:56 ` [Ocfs2-devel] " Joel Becker
2009-05-05 21:24 ` Andreas Dilger
2009-05-05 21:24 ` [Ocfs2-devel] " Andreas Dilger
2009-05-05 21:32 ` Joel Becker
2009-05-05 21:32 ` [Ocfs2-devel] " Joel Becker
2009-05-06 7:15 ` Theodore Tso
2009-05-06 7:15 ` Theodore Tso
2009-05-06 14:24 ` jim owens
2009-05-06 14:24 ` jim owens
2009-05-06 14:30 ` jim owens
2009-05-06 14:30 ` jim owens
2009-05-06 17:50 ` jim owens
2009-05-06 17:50 ` jim owens
2009-05-12 19:20 ` Jamie Lokier
2009-05-12 19:20 ` Jamie Lokier
2009-05-12 19:30 ` Jamie Lokier
2009-05-12 19:30 ` Jamie Lokier
2009-05-12 19:11 ` Jamie Lokier
2009-05-12 19:11 ` Jamie Lokier
2009-05-12 19:37 ` jim owens
2009-05-12 19:37 ` jim owens
2009-05-12 20:11 ` Jamie Lokier
2009-05-12 20:11 ` Jamie Lokier
2009-05-05 13:01 ` Theodore Tso
2009-05-05 13:01 ` [Ocfs2-devel] " Theodore Tso
2009-05-05 13:19 ` Jamie Lokier
2009-05-05 13:19 ` [Ocfs2-devel] " Jamie Lokier
2009-05-05 13:39 ` Chris Mason
2009-05-05 13:39 ` [Ocfs2-devel] " Chris Mason
2009-05-05 15:36 ` Jamie Lokier
2009-05-05 15:36 ` [Ocfs2-devel] " Jamie Lokier
2009-05-05 15:41 ` Chris Mason
2009-05-05 15:41 ` [Ocfs2-devel] " Chris Mason
2009-05-05 16:03 ` Jamie Lokier
2009-05-05 16:03 ` [Ocfs2-devel] " Jamie Lokier
2009-05-05 16:18 ` Chris Mason
2009-05-05 16:18 ` [Ocfs2-devel] " Chris Mason
2009-05-05 20:48 ` jim owens
2009-05-05 20:48 ` [Ocfs2-devel] " jim owens
2009-05-05 21:57 ` Jamie Lokier
2009-05-05 21:57 ` [Ocfs2-devel] " Jamie Lokier
2009-05-05 22:04 ` Joel Becker
2009-05-05 22:04 ` [Ocfs2-devel] " Joel Becker
2009-05-05 22:11 ` Jamie Lokier
2009-05-05 22:11 ` [Ocfs2-devel] " Jamie Lokier
2009-05-05 22:24 ` Joel Becker
2009-05-05 22:24 ` [Ocfs2-devel] " Joel Becker
2009-05-05 23:14 ` Jamie Lokier
2009-05-05 23:14 ` [Ocfs2-devel] " Jamie Lokier
2009-05-05 22:12 ` Jamie Lokier
2009-05-05 22:12 ` [Ocfs2-devel] " Jamie Lokier
2009-05-05 22:21 ` Joel Becker
2009-05-05 22:21 ` [Ocfs2-devel] " Joel Becker
2009-05-05 22:32 ` James Morris
2009-05-05 22:32 ` [Ocfs2-devel] " James Morris
2009-05-05 22:39 ` Joel Becker
2009-05-05 22:39 ` [Ocfs2-devel] " Joel Becker
2009-05-12 19:40 ` Jamie Lokier
2009-05-12 19:40 ` [Ocfs2-devel] " Jamie Lokier
2009-05-05 22:28 ` jim owens
2009-05-05 22:28 ` [Ocfs2-devel] " jim owens
2009-05-05 23:12 ` Jamie Lokier
2009-05-05 23:12 ` [Ocfs2-devel] " Jamie Lokier
2009-05-05 16:46 ` Jörn Engel
2009-05-05 16:46 ` [Ocfs2-devel] " Jörn Engel
2009-05-05 16:54 ` Jörn Engel
2009-05-05 16:54 ` [Ocfs2-devel] " Jörn Engel
2009-05-05 22:03 ` Jamie Lokier
2009-05-05 22:03 ` [Ocfs2-devel] " Jamie Lokier
2009-05-05 21:44 ` copyfile semantics Andreas Dilger
2009-05-05 21:44 ` [Ocfs2-devel] " Andreas Dilger
2009-05-05 21:48 ` Matthew Wilcox
2009-05-05 21:48 ` [Ocfs2-devel] " Matthew Wilcox
2009-05-05 22:25 ` Trond Myklebust
2009-05-05 22:25 ` [Ocfs2-devel] " Trond Myklebust
2009-05-05 22:06 ` Jamie Lokier
2009-05-05 22:06 ` [Ocfs2-devel] " Jamie Lokier
2009-05-06 5:57 ` Jörn Engel
2009-05-06 5:57 ` [Ocfs2-devel] " Jörn Engel
2009-05-05 14:21 ` [PATCH 1/3] fs: Document the reflink(2) system call Theodore Tso
2009-05-05 14:21 ` [Ocfs2-devel] " Theodore Tso
2009-05-05 15:32 ` Jamie Lokier
2009-05-05 15:32 ` [Ocfs2-devel] " Jamie Lokier
2009-05-05 22:49 ` James Morris
2009-05-05 22:49 ` [Ocfs2-devel] " James Morris
2009-05-05 17:05 ` Joel Becker
2009-05-05 17:05 ` [Ocfs2-devel] " Joel Becker
2009-05-05 17:00 ` Joel Becker
2009-05-05 17:00 ` [Ocfs2-devel] " Joel Becker
2009-05-05 17:29 ` Theodore Tso
2009-05-05 17:29 ` [Ocfs2-devel] " Theodore Tso
2009-05-05 22:36 ` Jamie Lokier
2009-05-05 22:36 ` [Ocfs2-devel] " Jamie Lokier
2009-05-05 22:30 ` Jamie Lokier
2009-05-05 22:30 ` [Ocfs2-devel] " Jamie Lokier
2009-05-05 22:37 ` Joel Becker
2009-05-05 22:37 ` [Ocfs2-devel] " Joel Becker
2009-05-05 23:08 ` jim owens
2009-05-05 23:08 ` [Ocfs2-devel] " jim owens
2009-05-05 13:01 ` Jamie Lokier
2009-05-05 13:01 ` [Ocfs2-devel] " Jamie Lokier
2009-05-05 17:09 ` Joel Becker
2009-05-05 17:09 ` [Ocfs2-devel] " Joel Becker
2009-05-03 6:15 ` [PATCH 2/3] fs: Add vfs_reflink() and the ->reflink() inode operation Joel Becker
2009-05-03 6:15 ` [Ocfs2-devel] " Joel Becker
2009-05-03 8:03 ` Christoph Hellwig
2009-05-03 8:03 ` [Ocfs2-devel] " Christoph Hellwig
2009-05-04 2:51 ` Joel Becker
2009-05-04 2:51 ` [Ocfs2-devel] " Joel Becker
2009-05-03 6:15 ` [PATCH 3/3] fs: Add the reflink(2) system call Joel Becker
2009-05-03 6:15 ` [Ocfs2-devel] " Joel Becker
2009-05-03 6:27 ` Matthew Wilcox
2009-05-03 6:27 ` [Ocfs2-devel] " Matthew Wilcox
2009-05-03 6:39 ` Al Viro
2009-05-03 6:39 ` [Ocfs2-devel] " Al Viro
2009-05-03 7:48 ` Christoph Hellwig
2009-05-03 7:48 ` [Ocfs2-devel] " Christoph Hellwig
2009-05-03 11:16 ` Al Viro
2009-05-03 11:16 ` [Ocfs2-devel] " Al Viro
2009-05-04 2:53 ` Joel Becker
2009-05-04 2:53 ` [Ocfs2-devel] " Joel Becker
2009-05-04 2:53 ` Joel Becker
2009-05-04 2:53 ` [Ocfs2-devel] " Joel Becker
2009-05-03 8:04 ` Christoph Hellwig
2009-05-03 8:04 ` [Ocfs2-devel] " Christoph Hellwig
2009-05-07 22:15 ` [RFC] The reflink(2) system call v2 Joel Becker
2009-05-07 22:15 ` [Ocfs2-devel] " Joel Becker
2009-05-08 1:39 ` James Morris
2009-05-08 1:39 ` [Ocfs2-devel] " James Morris
2009-05-08 1:49 ` Joel Becker
2009-05-08 1:49 ` [Ocfs2-devel] " Joel Becker
2009-05-08 13:01 ` Tetsuo Handa
2009-05-08 2:59 ` jim owens
2009-05-08 2:59 ` [Ocfs2-devel] " jim owens
2009-05-08 3:10 ` Joel Becker
2009-05-08 3:10 ` [Ocfs2-devel] " Joel Becker
2009-05-08 11:53 ` jim owens
2009-05-08 11:53 ` [Ocfs2-devel] " jim owens
2009-05-08 12:16 ` jim owens
2009-05-08 12:16 ` [Ocfs2-devel] " jim owens
2009-05-08 14:11 ` jim owens
2009-05-08 14:11 ` [Ocfs2-devel] " jim owens
2009-05-11 20:40 ` [RFC] The reflink(2) system call v4 Joel Becker
2009-05-11 20:40 ` [Ocfs2-devel] " Joel Becker
2009-05-11 22:27 ` James Morris
2009-05-11 22:27 ` [Ocfs2-devel] " James Morris
2009-05-11 22:34 ` Joel Becker
2009-05-11 22:34 ` [Ocfs2-devel] " Joel Becker
2009-05-12 1:12 ` James Morris
2009-05-12 1:12 ` [Ocfs2-devel] " James Morris
2009-05-12 12:18 ` Stephen Smalley
2009-05-12 12:18 ` [Ocfs2-devel] " Stephen Smalley
2009-05-12 17:22 ` Joel Becker
2009-05-12 17:22 ` [Ocfs2-devel] " Joel Becker
2009-05-12 17:32 ` Stephen Smalley
2009-05-12 17:32 ` [Ocfs2-devel] " Stephen Smalley
2009-05-12 18:03 ` Joel Becker
2009-05-12 18:03 ` [Ocfs2-devel] " Joel Becker
2009-05-12 18:04 ` Stephen Smalley
2009-05-12 18:04 ` [Ocfs2-devel] " Stephen Smalley
2009-05-12 18:28 ` Joel Becker
2009-05-12 18:28 ` [Ocfs2-devel] " Joel Becker
2009-05-12 18:37 ` Stephen Smalley
2009-05-12 18:37 ` [Ocfs2-devel] " Stephen Smalley
2009-05-14 18:06 ` Stephen Smalley
2009-05-14 18:06 ` [Ocfs2-devel] " Stephen Smalley
2009-05-14 18:25 ` Stephen Smalley
2009-05-14 18:25 ` [Ocfs2-devel] " Stephen Smalley
2009-05-14 23:25 ` James Morris
2009-05-14 23:25 ` [Ocfs2-devel] " James Morris
2009-05-15 11:54 ` Stephen Smalley
2009-05-15 11:54 ` [Ocfs2-devel] " Stephen Smalley
2009-05-15 13:35 ` James Morris
2009-05-15 13:35 ` [Ocfs2-devel] " James Morris
2009-05-15 15:44 ` Stephen Smalley
2009-05-15 15:44 ` [Ocfs2-devel] " Stephen Smalley
2009-05-13 1:47 ` Casey Schaufler
2009-05-13 1:47 ` [Ocfs2-devel] " Casey Schaufler
2009-05-13 16:43 ` Joel Becker
2009-05-13 16:43 ` [Ocfs2-devel] " Joel Becker
2009-05-13 17:23 ` Stephen Smalley
2009-05-13 17:23 ` [Ocfs2-devel] " Stephen Smalley
2009-05-13 18:27 ` Joel Becker
2009-05-13 18:27 ` [Ocfs2-devel] " Joel Becker
2009-05-12 12:01 ` Stephen Smalley
2009-05-12 12:01 ` [Ocfs2-devel] " Stephen Smalley
2009-05-11 23:11 ` jim owens [this message]
2009-05-11 23:11 ` jim owens
2009-05-11 23:42 ` Joel Becker
2009-05-11 23:42 ` [Ocfs2-devel] " Joel Becker
2009-05-12 11:31 ` Jörn Engel
2009-05-12 11:31 ` [Ocfs2-devel] " Jörn Engel
2009-05-12 13:12 ` jim owens
2009-05-12 13:12 ` [Ocfs2-devel] " jim owens
2009-05-12 20:24 ` Jamie Lokier
2009-05-12 20:24 ` [Ocfs2-devel] " Jamie Lokier
2009-05-14 18:43 ` Jörn Engel
2009-05-14 18:43 ` [Ocfs2-devel] " Jörn Engel
2009-05-12 15:04 ` Sage Weil
2009-05-12 15:04 ` [Ocfs2-devel] " Sage Weil
2009-05-12 15:23 ` jim owens
2009-05-12 15:23 ` [Ocfs2-devel] " jim owens
2009-05-12 16:16 ` Sage Weil
2009-05-12 16:16 ` [Ocfs2-devel] " Sage Weil
2009-05-12 17:45 ` jim owens
2009-05-12 17:45 ` [Ocfs2-devel] " jim owens
2009-05-12 20:29 ` Jamie Lokier
2009-05-12 20:29 ` [Ocfs2-devel] " Jamie Lokier
2009-05-12 17:28 ` Joel Becker
2009-05-12 17:28 ` [Ocfs2-devel] " Joel Becker
2009-05-13 4:30 ` Sage Weil
2009-05-13 4:30 ` [Ocfs2-devel] " Sage Weil
2009-05-14 3:57 ` Andy Lutomirski
2009-05-14 3:57 ` [Ocfs2-devel] " Andy Lutomirski
2009-05-14 18:12 ` Stephen Smalley
2009-05-14 18:12 ` [Ocfs2-devel] " Stephen Smalley
2009-05-14 22:00 ` Joel Becker
2009-05-14 22:00 ` [Ocfs2-devel] " Joel Becker
2009-05-15 1:20 ` Jamie Lokier
2009-05-15 1:20 ` [Ocfs2-devel] " Jamie Lokier
2009-05-15 12:01 ` Stephen Smalley
2009-05-15 12:01 ` [Ocfs2-devel] " Stephen Smalley
2009-05-15 15:22 ` Joel Becker
2009-05-15 15:22 ` [Ocfs2-devel] " Joel Becker
2009-05-15 15:55 ` Stephen Smalley
2009-05-15 15:55 ` [Ocfs2-devel] " Stephen Smalley
2009-05-15 16:42 ` Joel Becker
2009-05-15 16:42 ` [Ocfs2-devel] " Joel Becker
2009-05-15 17:01 ` Shaya Potter
2009-05-15 17:01 ` Shaya Potter
2009-05-15 20:53 ` [Ocfs2-devel] " Joel Becker
2009-05-15 20:53 ` Joel Becker
2009-05-18 9:17 ` Jörn Engel
2009-05-18 9:17 ` Jörn Engel
2009-05-18 13:02 ` Stephen Smalley
2009-05-18 13:02 ` Stephen Smalley
2009-05-18 14:33 ` Stephen Smalley
2009-05-18 14:33 ` Stephen Smalley
2009-05-18 17:15 ` Stephen Smalley
2009-05-18 17:15 ` Stephen Smalley
2009-05-18 18:26 ` Joel Becker
2009-05-18 18:26 ` [Ocfs2-devel] " Joel Becker
2009-05-19 16:32 ` Sage Weil
2009-05-19 16:32 ` Sage Weil
2009-05-19 19:20 ` Jonathan Corbet
2009-05-19 19:32 ` Joel Becker
2009-05-19 19:41 ` Jonathan Corbet
2009-05-19 19:41 ` Jonathan Corbet
2009-05-19 19:33 ` Jonathan Corbet
2009-05-19 20:15 ` Jamie Lokier
2009-05-25 7:44 ` [Ocfs2-devel] [RFC] The reflink(2) system call v4. - Question for suitability Mihail Daskalov
2009-05-25 20:42 ` Joel Becker
2009-05-28 0:24 ` [Ocfs2-devel] [RFC] The reflink(2) system call v5 Joel Becker
2009-05-28 0:24 ` Joel Becker
2009-09-14 22:24 ` Joel Becker
2009-09-14 22:24 ` Joel Becker
2009-09-14 22:24 ` [Ocfs2-devel] " Joel Becker
2009-05-11 20:49 ` [RFC] The reflink(2) system call v2 Joel Becker
2009-05-11 20:49 ` [Ocfs2-devel] " Joel Becker
2009-05-11 22:49 ` jim owens
2009-05-11 22:49 ` [Ocfs2-devel] " jim owens
2009-05-11 23:46 ` Joel Becker
2009-05-11 23:46 ` [Ocfs2-devel] " Joel Becker
2009-05-12 0:54 ` Chris Mason
2009-05-12 0:54 ` [Ocfs2-devel] " Chris Mason
2009-05-12 20:36 ` Jamie Lokier
2009-05-12 20:36 ` [Ocfs2-devel] " Jamie Lokier
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4A08B084.3070209@hp.com \
--to=jowens@hp.com \
--cc=jmorris@namei.org \
--cc=joel.becker@oracle.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=mtk.manpages@gmail.com \
--cc=ocfs2-devel@oss.oracle.com \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.