Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp1032209imm; Fri, 13 Jul 2018 10:16:05 -0700 (PDT) X-Google-Smtp-Source: AAOMgpfDHaOC43TgAZ013oyu4G8SUltbnhaR+BErPt0K1zHIWyNpvwHZSs5PVDAhpRXnIZGHHOwG X-Received: by 2002:a63:5106:: with SMTP id f6-v6mr6689385pgb.95.1531502165520; Fri, 13 Jul 2018 10:16:05 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1531502165; cv=none; d=google.com; s=arc-20160816; b=lbo7C0yYdqVKt6DOq7ELrIDctjYBIPYPud/9agrukCFBmqR3P4wlH8nrOeSlECMOd6 6m0HJTxVsOciNWVLypNISGyHD/lCx9s2nFXPKP9CNdhrKSMa+P9+nkBrZUydcTVArQaO sh6BvZH912Op6ZcO8mz4c1KXwqrYe7d8oVBWycHft9uX53iKkfS2tjwaYg2EcQDlk82n h1A49j2mhLs8NHJ5yQxGVBHZO6j5hNg6RFaYcKwjRxOSMVyomqfjXdZRxQ4JJtBEPXcw HdEiaMgquMw7LX4yHyewYPtjKTzmKGcNJQzpjU6iRE3MT177Q8P5g9YdyW26fQYXJ+qw WJHQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature :arc-authentication-results; bh=SW1WqKMkMjLhYdQGpYfh7gP12HO8SyEVzbDKZsugfL8=; b=raNXoHw3CQGPN6jO+CTVLwDxP2kv7tiZKD4C0g13Pplz7XOkoZ11cGwZcI7wrpAYEB sGbbfZlfKiOdV6KbbeRjI75XyHzE3DWrLnoXDHw4NZ+Yi7d4DmLk5cv9OrlsXKmbSKVY E9MSym7pEYpWzcgDTFeR9gok1fimpUz6xvBO3WQpECnW/xktL4lTHtzdT64IDpsDKJ92 r2ow4lHvUMmicniHnICrUb8LnidTTm3SXe7kmv5tNhJ7fsPxbbS+TtJJPK3bfxItBvUL 9C0dFlFHZit6C8UO/HkdQ5w3aT/EZZw9OQjlvGGtedgCgohC+cwdhHNG+6gj5h3Otq2C hV7A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b="YA8wh/ar"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id p13-v6si14902445pgg.616.2018.07.13.10.15.50; Fri, 13 Jul 2018 10:16:05 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b="YA8wh/ar"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731119AbeGMRaj (ORCPT + 99 others); Fri, 13 Jul 2018 13:30:39 -0400 Received: from mail.kernel.org ([198.145.29.99]:35746 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729960AbeGMRai (ORCPT ); Fri, 13 Jul 2018 13:30:38 -0400 Received: from mail-wm0-f47.google.com (mail-wm0-f47.google.com [74.125.82.47]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id EFA0B208E3 for ; Fri, 13 Jul 2018 17:15:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1531502107; bh=tPItqzWUd1hNxjiVqRA0FEq9BtGKWcnD4SXbFcueOZo=; h=In-Reply-To:References:From:Date:Subject:To:Cc:From; b=YA8wh/arNlV/g2jslc59Cbsnd2W0bJFbMnja5wwKLR4dSV7Wt9Gkhendiop75ucr9 +9Qcq+TWbjyoCsTwWiuW22R7LKcpFmL7KHS1T1+7klEn+aB4wmrBcgnuvEuk28hsIm 7AuoqRfX7XPJV+HNyuAZkjs9+wplaEbEgDZXojIc= Received: by mail-wm0-f47.google.com with SMTP id z6-v6so5001025wma.0 for ; Fri, 13 Jul 2018 10:15:06 -0700 (PDT) X-Gm-Message-State: AOUpUlGgUdDQxAHLyJ3g+i6BGGoVQ7aqeuTDsisswkQLwpbn9O4Ll4tx sH2c0Oivk/F9OkpvDF3Hdgpyu2PFEQN8R39Y3Yc8LA== X-Received: by 2002:a1c:34c9:: with SMTP id b192-v6mr4653307wma.21.1531502105369; Fri, 13 Jul 2018 10:15:05 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a1c:d548:0:0:0:0:0 with HTTP; Fri, 13 Jul 2018 10:14:44 -0700 (PDT) In-Reply-To: <26576.1531496428@warthog.procyon.org.uk> References: <153126248868.14533.9751473662727327569.stgit@warthog.procyon.org.uk> <153126264966.14533.3388004240803696769.stgit@warthog.procyon.org.uk> <686E805C-81F3-43D0-A096-50C644C57EE3@amacapital.net> <22370.1531293761@warthog.procyon.org.uk> <7002.1531407244@warthog.procyon.org.uk> <338BC3C4-F3E7-48F0-A82E-2C7295B6640E@amacapital.net> <17749.1531429218@warthog.procyon.org.uk> <21131.1531488422@warthog.procyon.org.uk> <26576.1531496428@warthog.procyon.org.uk> From: Andy Lutomirski Date: Fri, 13 Jul 2018 10:14:44 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH 24/32] vfs: syscall: Add fsopen() to prepare for superblock creation [ver #9] To: David Howells Cc: Linus Torvalds , Andrew Lutomirski , Al Viro , Linux API , linux-fsdevel , Linux Kernel Mailing List , Jann Horn , Tycho Andersen Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Jul 13, 2018 at 8:40 AM, David Howells wrote: > Andy Lutomirski wrote: > >> > Whilst I'm at it, do we want the option of doing the equivalent of >> > mountat()? I.e. offering the option to open all the device files used by >> > a superblock with dfd and AT_* flags in combination with the filename? >> > >> >> Isn't that more or less what I was suggesting? > > Yes, you suggested that. I'm asking if we actually need that. > Suppose some program in a container chroots itself and then tries to create an fscontext backed by "/path/to/blockdev". The syscall gets intercepted by a container manager. That manager now has a somewhat awkward time of mounting the same fs, although it could use "/proc/PID/root/path/to/blockdev", I suppose. Even that approach has some potentially awkward permission issues. I would defer to the people who actually write software like this, but I can imagine fds being considerably easier to work with.