From: Miklos Szeredi <miklos@szeredi.hu>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Jann Horn <jannh@google.com>,
Casey Schaufler <casey@schaufler-ca.com>,
Andy Lutomirski <luto@amacapital.net>,
linux-fsdevel <linux-fsdevel@vger.kernel.org>,
David Howells <dhowells@redhat.com>,
Al Viro <viro@zeniv.linux.org.uk>, Karel Zak <kzak@redhat.com>,
Jeff Layton <jlayton@redhat.com>,
Miklos Szeredi <mszeredi@redhat.com>,
Nicolas Dichtel <nicolas.dichtel@6wind.com>,
Christian Brauner <christian@brauner.io>,
Lennart Poettering <lennart@poettering.net>,
Linux API <linux-api@vger.kernel.org>,
Ian Kent <raven@themaw.net>,
LSM <linux-security-module@vger.kernel.org>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: file metadata via fs API (was: [GIT PULL] Filesystem Information)
Date: Wed, 12 Aug 2020 09:23:23 +0200 [thread overview]
Message-ID: <CAJfpegtXtj2Q1wsR-3eUNA0S=_skzHF0CEmcK_Krd8dtKkWkGA@mail.gmail.com> (raw)
In-Reply-To: <CAHk-=whE42mFLi8CfNcdB6Jc40tXsG3sR+ThWAFihhBwfUbczA@mail.gmail.com>
On Tue, Aug 11, 2020 at 11:19 PM Linus Torvalds
<torvalds@linux-foundation.org> wrote:
>
> On Tue, Aug 11, 2020 at 1:56 PM Miklos Szeredi <miklos@szeredi.hu> wrote:
> >
> > So that's where O_ALT comes in. If the application is consenting,
> > then that should prevent exploits. Or?
>
> If the application is consenting AND GETS IT RIGHT it should prevent exploits.
>
> But that's a big deal.
>
> Why not just do it the way I suggested? Then you don't have any of these issues.
Will do.
I just want to understand the reasons why a unified namespace is
completely out of the question. And I won't accept "it's just fugly"
or "it's the way it's always been done, so don't change it". Those
are not good reasons.
Oh, I'm used to these "fights", had them all along. In hindsight I
should have accepted others' advice in some of the cases, but in
others that big argument turned out to be a complete non-issue. One
such being inode and dentry duplication in the overlayfs case vs.
in-built stacking in the union-mount case. There were a lot of issues
with overlayfs, that's true, but dcache/icache size has NEVER actually
been reported as a problem.
While Al has a lot of experience, it's hard to accept all that
anecdotal evidence just because he says it. Your worries are also
just those: worries. They may turn out to be an issue or they may
not.
Anyway, starting with just introducing the alt namespace without
unification seems to be a good first step. If that turns out to be
workable, we can revisit unification later.
Thanks,
Miklos
next prev parent reply other threads:[~2020-08-12 7:23 UTC|newest]
Thread overview: 89+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-08-03 15:27 [GIT PULL] Mount notifications David Howells
2020-08-03 15:49 ` [GIT PULL] Filesystem Information David Howells
2020-08-03 16:42 ` Miklos Szeredi
2020-08-04 2:15 ` Ian Kent
2020-08-04 14:36 ` Miklos Szeredi
2020-08-05 1:33 ` Ian Kent
2020-08-05 8:00 ` Miklos Szeredi
2020-08-05 11:13 ` Ian Kent
2020-08-05 8:24 ` file metadata via fs API (was: [GIT PULL] Filesystem Information) Miklos Szeredi
2020-08-11 13:54 ` Miklos Szeredi
2020-08-11 14:08 ` Al Viro
2020-08-11 14:22 ` Miklos Szeredi
2020-08-11 14:31 ` Al Viro
[not found] ` <CAAgocE07=vVKpQhG+rjEGO=NEBKZ02gjg4TRPxECAc+RKrzn=Q@mail.gmail.com>
2020-08-11 14:36 ` Al Viro
2020-08-11 14:36 ` Miklos Szeredi
2020-08-11 14:42 ` Al Viro
2020-08-11 14:47 ` Miklos Szeredi
2020-08-11 15:20 ` Linus Torvalds
2020-08-11 15:30 ` Miklos Szeredi
2020-08-11 16:05 ` Linus Torvalds
2020-08-11 18:49 ` Miklos Szeredi
2020-08-11 19:31 ` Lennart Poettering
2020-08-11 19:50 ` Christian Brauner
2020-08-11 19:39 ` Christian Brauner
2020-08-12 0:53 ` Ian Kent
2020-08-11 15:39 ` Andy Lutomirski
2020-08-11 16:17 ` Casey Schaufler
2020-08-11 16:30 ` Linus Torvalds
2020-08-11 20:28 ` Miklos Szeredi
2020-08-11 20:36 ` Jann Horn
2020-08-11 20:56 ` Miklos Szeredi
2020-08-11 21:17 ` Andy Lutomirski
2020-08-11 21:18 ` Linus Torvalds
2020-08-12 7:23 ` Miklos Szeredi [this message]
2020-08-12 14:39 ` Al Viro
2020-08-12 14:46 ` Miklos Szeredi
2020-08-12 15:08 ` Al Viro
2020-08-12 15:13 ` Miklos Szeredi
2020-08-12 16:33 ` Al Viro
2020-08-12 17:16 ` Miklos Szeredi
2020-08-12 17:39 ` Al Viro
2020-08-12 18:33 ` Al Viro
2020-08-12 21:30 ` Al Viro
2020-08-18 9:41 ` Miklos Szeredi
2020-08-18 9:30 ` Miklos Szeredi
2020-08-12 15:22 ` David Howells
2020-08-11 21:20 ` Al Viro
2020-08-11 21:35 ` Casey Schaufler
2020-08-11 16:05 ` Al Viro
2020-08-11 16:09 ` Linus Torvalds
2020-08-11 16:39 ` Al Viro
2020-08-12 10:14 ` Karel Zak
2020-08-12 13:09 ` Miklos Szeredi
2020-08-12 13:33 ` David Howells
2020-08-12 13:54 ` Miklos Szeredi
2020-08-12 0:05 ` David Howells
2020-08-12 7:55 ` Miklos Szeredi
2020-08-12 8:29 ` David Howells
2020-08-12 8:37 ` Miklos Szeredi
2020-08-12 9:43 ` file metadata via fs API Steven Whitehouse
2020-08-12 10:04 ` Miklos Szeredi
2020-08-12 11:28 ` Karel Zak
2020-08-12 12:43 ` Miklos Szeredi
2020-08-13 8:52 ` Karel Zak
2020-08-12 13:06 ` David Howells
2020-08-13 1:01 ` Ian Kent
2020-08-12 18:18 ` file metadata via fs API (was: [GIT PULL] Filesystem Information) Linus Torvalds
2020-08-12 19:34 ` file metadata via fs API Steven Whitehouse
2020-08-12 19:50 ` Linus Torvalds
2020-08-13 3:44 ` Ian Kent
2020-08-13 10:36 ` Karel Zak
2020-08-14 7:58 ` Lennart Poettering
2020-08-17 11:32 ` Steven Whitehouse
2020-08-17 17:15 ` Linus Torvalds
2020-08-17 22:44 ` Linus Torvalds
2020-08-18 12:50 ` Miklos Szeredi
2020-08-18 18:51 ` Linus Torvalds
2020-08-18 20:18 ` Miklos Szeredi
2020-08-18 20:53 ` Linus Torvalds
2020-08-21 13:17 ` Miklos Szeredi
2020-08-19 2:29 ` Al Viro
2020-08-13 3:53 ` file metadata via fs API (was: [GIT PULL] Filesystem Information) Jeffrey E Altman
2020-08-14 17:05 ` Linus Torvalds
2020-08-18 15:01 ` Jeffrey E Altman
2020-08-14 8:06 ` Lennart Poettering
2020-08-12 13:54 ` David Howells
2020-08-12 14:10 ` Miklos Szeredi
2020-08-12 14:23 ` David Howells
2020-08-03 22:48 ` [GIT PULL] Mount notifications Ian Kent
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAJfpegtXtj2Q1wsR-3eUNA0S=_skzHF0CEmcK_Krd8dtKkWkGA@mail.gmail.com' \
--to=miklos@szeredi.hu \
--cc=casey@schaufler-ca.com \
--cc=christian@brauner.io \
--cc=dhowells@redhat.com \
--cc=jannh@google.com \
--cc=jlayton@redhat.com \
--cc=kzak@redhat.com \
--cc=lennart@poettering.net \
--cc=linux-api@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=luto@amacapital.net \
--cc=mszeredi@redhat.com \
--cc=nicolas.dichtel@6wind.com \
--cc=raven@themaw.net \
--cc=torvalds@linux-foundation.org \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.