Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp167168imm; Fri, 10 Aug 2018 09:15:59 -0700 (PDT) X-Google-Smtp-Source: AA+uWPwHQMSvWjEqmuS2O7rKVwusmLlhBsU0pvlUNKr4WsULvw7WxD25lHU88ikMtOgje1lY1fiI X-Received: by 2002:a63:4203:: with SMTP id p3-v6mr7038838pga.184.1533917759167; Fri, 10 Aug 2018 09:15:59 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1533917759; cv=none; d=google.com; s=arc-20160816; b=qb+VzxQK05P1sWGBsrNuLb6AQX2CBYD9rKFpj9M6X/joLCiSwj+DFaXLOukIEKlig2 PmUkYYhg9zKLE58Y/4IPDKAiUbQ07LHj+5cL58OkNRwWyeCBNwnAhqDDGqtzsBAVxRUZ gafYEr+3b8PjdQlF8zM21v+l77LEF5I0OlNZf3DvNpuH9cY48B5VOrm6C7g3B3X6Ckpc 4Qrd0eqmoGG1vgt5P0rmmlaAvyJXVup+66oI7zPpNHWTQjryQ5jt98+3LkAXnVELuI1L MUsL4UZtvXuHNw2CD27SBjEcKFmk1WJEdq3JfQu6ohc0k2XTe2PbeXBhXnMqaIjvB9Jr i8wQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:mail-followup-to :message-id:subject:cc:to:from:date:dkim-signature :arc-authentication-results; bh=SML2hrdrnTP2GFsjV13UJ8h9GTZNMMCvlSxSz8mpmH8=; b=JHKQDB9+YVCEmuG999JM/C63YIqpRlsircg2QNSsz7iooPGHg74M882HhfUXj3/KFl xMVJrjBN6yYRXr78N4n9VTSL4rnOfGLFDlw4NGqL5Z/tHTMyU5HvOY4DC2NX1gFs7EBX bYZipyVVVp0fHmlP0Wx+5QNV+ICY07nWufF4QGCCN0A1pVVQhvhKqXQ07j/Km5R6GtmA Qrn/r1/1MojBnq26QNNh8Icd/4YPUXCOIzqNVBK2dd1q7mkC7Q78xFMyx47Hk18Ser3r s/W2FPtWjzVpgv2Rdg8JjR4dKUAE5gaKct0VauerPaRveXfREuOdNhVBaPUuKuBS1Z1g CJww== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@thunk.org header.s=ef5046eb header.b=KAdgtBrT; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id q18-v6si7836419plr.134.2018.08.10.09.15.44; Fri, 10 Aug 2018 09:15:59 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@thunk.org header.s=ef5046eb header.b=KAdgtBrT; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729218AbeHJSox (ORCPT + 99 others); Fri, 10 Aug 2018 14:44:53 -0400 Received: from imap.thunk.org ([74.207.234.97]:59672 "EHLO imap.thunk.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727639AbeHJSox (ORCPT ); Fri, 10 Aug 2018 14:44:53 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=thunk.org; s=ef5046eb; h=In-Reply-To:Content-Type:MIME-Version:References:Message-ID: Subject:Cc:To:From:Date:Sender:Reply-To:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=SML2hrdrnTP2GFsjV13UJ8h9GTZNMMCvlSxSz8mpmH8=; b=KAdgtBrTVdOTfYDs4aRsMefQVx vl6HiRbe/6yXPaJz1X13ExHgAY1gdOO3Sd0OgekX1yGQgDPPRCb9/IxZS2qrd8dfWPJ4rxFX6r0kn IEgaWjJ/7zmc/ldAGGqMxPFLkjs3btvKC3Ool3nUBWyuWXSk0neTZrdsbbxZmp6IcrR4=; Received: from root (helo=callcc.thunk.org) by imap.thunk.org with local-esmtp (Exim 4.89) (envelope-from ) id 1foA37-00025N-8W; Fri, 10 Aug 2018 16:14:01 +0000 Received: by callcc.thunk.org (Postfix, from userid 15806) id 881997A570B; Fri, 10 Aug 2018 12:14:00 -0400 (EDT) Date: Fri, 10 Aug 2018 12:14:00 -0400 From: "Theodore Y. Ts'o" To: David Howells Cc: "Eric W. Biederman" , viro@zeniv.linux.org.uk, John Johansen , Tejun Heo , selinux@tycho.nsa.gov, Paul Moore , Li Zefan , linux-api@vger.kernel.org, apparmor@lists.ubuntu.com, Casey Schaufler , fenghua.yu@intel.com, Greg Kroah-Hartman , Eric Biggers , linux-security-module@vger.kernel.org, Tetsuo Handa , Johannes Weiner , Stephen Smalley , tomoyo-dev-en@lists.sourceforge.jp, cgroups@vger.kernel.org, torvalds@linux-foundation.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, Miklos Szeredi Subject: Re: BUG: Mount ignores mount options Message-ID: <20180810161400.GA627@thunk.org> Mail-Followup-To: "Theodore Y. Ts'o" , David Howells , "Eric W. Biederman" , viro@zeniv.linux.org.uk, John Johansen , Tejun Heo , selinux@tycho.nsa.gov, Paul Moore , Li Zefan , linux-api@vger.kernel.org, apparmor@lists.ubuntu.com, Casey Schaufler , fenghua.yu@intel.com, Greg Kroah-Hartman , Eric Biggers , linux-security-module@vger.kernel.org, Tetsuo Handa , Johannes Weiner , Stephen Smalley , tomoyo-dev-en@lists.sourceforge.jp, cgroups@vger.kernel.org, torvalds@linux-foundation.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, Miklos Szeredi References: <20180810153902.GH21087@thunk.org> <87d0uqpba5.fsf@xmission.com> <153313703562.13253.5766498657900728120.stgit@warthog.procyon.org.uk> <22361.1533913891@warthog.procyon.org.uk> <28045.1533916438@warthog.procyon.org.uk> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <28045.1533916438@warthog.procyon.org.uk> User-Agent: Mutt/1.10.1 (2018-07-13) X-SA-Exim-Connect-IP: X-SA-Exim-Mail-From: tytso@thunk.org X-SA-Exim-Scanned: No (on imap.thunk.org); SAEximRunCond expanded to false Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Aug 10, 2018 at 04:53:58PM +0100, David Howells wrote: > Theodore Y. Ts'o wrote: > > > Even *with* file system support, there's no way today for the VFS to > > keep track of whether a pathname resolution came through one > > mountpoint or another, so I can't do something like this: > > Ummm... Isn't that encoded in the vfsmount pointer in struct path? Well, yes, and we do use this as a hack to make read-only bind mounts work. But that's done as a special case, and it's for permissions checking only. The big problem is that there is single dentry cache object regardless of which mount point was used to access it. So that makes it impossible to support case folding as a mount-pointism. > > However, the case folding stuff - is that a superblockism of a mountpointism? It's a superblock-ism. As far as I know the *only* thing that we can support as a mount-pointism is the ro flag, and that's handled as a special case, and only if the original superblock was mounted read/write. ey That was my point; aside from the ro flag, we can't support any other mount options as a per-mount point thing, so the only thing we can do is to fail the mount if there are conflicting mount options. And I'm not really sure it helps the container use case, since the whole point is they want their "guest" to be able to blithely run "mount /dev/sda1 -o noxattr /mnt" and not worry about the fact that in some other container, someone had run "mount /dev/sda1 -o xattr /mnt". But having the second mount fail because of conflicting mount option breaks the illusion that containers are functionally as rich as VM's. So before you put in lots of work to support rejecting the attmpted mount if the mount options conflict, are we sure people will actually find this to be useful? Because it's not only fsopen() work for you, but each file system is going to have to implement new functions to answer the question "are these mount options conflicting or not?". Are we sure it's worth the effort? - Ted