Received: by 10.223.185.116 with SMTP id b49csp3509828wrg; Tue, 13 Feb 2018 03:33:02 -0800 (PST) X-Google-Smtp-Source: AH8x227N1XAHxYnufapvL/5p+tYeLkF+mW7UhFVXBaNLtNm5n++5Izax+f3KL+IqhQSNz2LLfpzj X-Received: by 10.99.114.22 with SMTP id n22mr762606pgc.21.1518521582175; Tue, 13 Feb 2018 03:33:02 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1518521582; cv=none; d=google.com; s=arc-20160816; b=pMIgTue4FWCo2P/FFF61dZia0xmk8C2TXAI9+YhQ68FnZumsYGJB7qloSHzlORNcxq MwNynxnSTWbx2o4+vlFjksWb9+XTwoR2iVcQ9WfK4Gm1q6IuHTE4s8jEes6057G90MLK EHmzZCP9tfWUK2GUCTusITGuFzw024K4BWFW2ciM/0lCAuTa2t89jTu8/aFD9asTYH9I LZQJjbTBSbmmXP+dIH+GUygwH/s1UkxItCkItKJAPPjyi2GfP2+y7CYvoYwJiZRw2lXB Kg730+TPwWjj/g24NL8ZUrEHIvN0hoKLqzSJOMCpCWuqk5D5A6V2CNAVQ6OoRXk5E8wa oiPw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:arc-authentication-results; bh=h2j32gnnMW7zGyDtnfimm8zv/26TfjtoP7C0zYbdfFE=; b=Mp5XFxYEtftc2PU2etH3TDHAiH43EZ2qKFL6msg7vud9IE4iYgKSQmz+xO2kH/k4XT Q3wVerbECNYQ8q6Q6k4t56iH86qJr6ee0VrgXcyoqEDZ6biPvN+Vs9LPaBOtGSOQca73 t3KfuPcIC/vd9qoda5QzFkYXPqvuWMe9KeuyjGoW9co19MPGEOucw1eQrqS8wambpcTp hSXz3u4A1yDJsfQg+UCIm1CtnKyxmQxQtINZWhUP9LdmLVuAtOdVJa0t/jkF/g0/+zM9 ZlAJaGNFuFY8TH26TqachLEy5eaU29hDm46MqHE5W94BuLsJ2VZTHwY6f87jIvkj/Ri3 Vr5w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 62si7921005pfh.204.2018.02.13.03.32.47; Tue, 13 Feb 2018 03:33:02 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S934887AbeBMLcL (ORCPT + 99 others); Tue, 13 Feb 2018 06:32:11 -0500 Received: from mail-qk0-f173.google.com ([209.85.220.173]:34272 "EHLO mail-qk0-f173.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S933926AbeBMLcK (ORCPT ); Tue, 13 Feb 2018 06:32:10 -0500 Received: by mail-qk0-f173.google.com with SMTP id o7so7690137qkc.1 for ; Tue, 13 Feb 2018 03:32:10 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=h2j32gnnMW7zGyDtnfimm8zv/26TfjtoP7C0zYbdfFE=; b=qj3JjiElGylJvYuAN//fLsr4dzGDpHtX9ih7qrAa6fUmJ+mtihymA4qu+hUxT8fzt2 lUJbbA9you1nhDZJ9LLUtqXvXxg+J1auLqZd02v8xc21QFPt1nVdrFuNvHhyJK4PJZgx 7U+LCfeyDojku/P4K68xBVUcaQiivvwLD+3c0C7Lzhz6DV26oXXT7R/IF8OMa6Yt8LF7 16FhrrS/hod58Sw/iozu8q0lXrz08xIwTtuskgSCREmU1iIOVzkLGduCFVB7oi5EB1z7 7PGi1A0IeI4jS9DSKy77NiQo9wccOp8XrKgHlt7fElRJGWRKF3PTVULhH0wH0ChAkiKW trMw== X-Gm-Message-State: APf1xPDJ5g7TBvEKyXm1tlLrCl9HNYNuxVceEtlKPc3b5OeIf5ZCDGfv jeipsDwEa1APWP1sLeOOqNwK4NOR2GkFoDeTv2F9EeS7 X-Received: by 10.55.176.3 with SMTP id z3mr1331222qke.298.1518521529711; Tue, 13 Feb 2018 03:32:09 -0800 (PST) MIME-Version: 1.0 Received: by 10.140.95.17 with HTTP; Tue, 13 Feb 2018 03:32:09 -0800 (PST) In-Reply-To: References: From: Miklos Szeredi Date: Tue, 13 Feb 2018 12:32:09 +0100 Message-ID: Subject: Re: [PATCH v5 00/11] FUSE mounts from non-init user namespaces To: Dongsu Park Cc: lkml , containers@lists.linux-foundation.org, Alban Crequy , "Eric W . Biederman" , Seth Forshee , Sargun Dhillon Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Dec 22, 2017 at 3:32 PM, Dongsu Park wrote: > Patches 1-2 deal with an additional flag of lookup_bdev() to check for > additional inode permission. fuse_blk is less suitable for unprivileged mounting than plain fuse. fusermount doesn't allow mounting fuse_blk unprivileged, so there's little data about that usecase (IIRC ntfs3g guys did that, or at least tried to do it, but I don't remember the details). As such, I think we should leave it out of the initial version. Which means you can drop patches 1-2 from this series. Unless there's a strong use case for this. In which case we should look hard at the differences between fuse_blk and fuse and how that affects unprivileged operation. There are a few assumptions about fuse_blk filesystem being more "well behaved", I think. Thanks, Miklos