Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp621493imm;
        Fri, 10 Aug 2018 18:48:44 -0700 (PDT)
X-Google-Smtp-Source: AA+uWPydFYVIw9R2CPJCydB04bnMD1hs3CEoKqi/+f5BcjWWbpinyPRky4Bn9eGrRT741eRNd7vz
X-Received: by 2002:a63:f50a:: with SMTP id w10-v6mr8622381pgh.23.1533952124343;
        Fri, 10 Aug 2018 18:48:44 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1533952124; cv=none;
        d=google.com; s=arc-20160816;
        b=NrYLVD/QihlQUzT/lCiC3Kh2Q/WYl2Yj8PcRh33tVv68o1QJgE4g6jZDbalV2ehxR0
         pZrgrCng18jg+t420GPznRJrq3m75U4pAdnArHrWuQwPLf26K9vwY3cpnh7BwxHTuBeH
         PSfT7ZgJ9tL7rw3jOyqjVA77hY1bimL0P6Gvdcu7zJ8RryasUAte3ygv/EtijT2jD0dZ
         Le8golsqHmVnJSj5sJc9CxOIOAmMylug6zFguPAv1ktl7JuJvrWIOUtH+VerQ92802Lo
         uLvxNOVP6BU7xjtZhlc+QbMaUmcq8TCIn+VXC7uAf6nt01PbFy0SWnTY8V0/khwunu34
         Y3GQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:mail-followup-to
         :message-id:subject:cc:to:from:date:dkim-signature
         :arc-authentication-results;
        bh=nWXc6vZEs9KhppBzlPhwuChgkTa4gq2ZEZL2+ARQpM4=;
        b=0FS7eYAx5nvtE8x4h7LL0WPN7h1O7kbAwGu2qABcjxoLiMwYW5Z6gQxtUtbkcTCOEI
         tyqRKl9jbVULVCXNUOzhZTr+A7DuXjdIeYWeclHiwpN3hpu82HAWScAFhMHMwu+U0Q0W
         7JiNgIArbDJxzCRKCsGM44kYRc8Gs9ueTWkNOFsX+WahZa6rGfqqCmAQIOzBV416ZOYE
         4M4pp2l+ZW/YxcIMsIiPmDqZeeZ+CuCFfRdDi45yqjlla5UDotb+EF+Lb7OZ2cYUUx/3
         aS9H90mx7Q7wnDJ0CC0k81ak+oWL1IhF1g6EpLSHE6rD7inCSAw/dV1adkRTNqJE2xC2
         RamA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=fail header.i=@thunk.org header.s=ef5046eb header.b=kgwkahbJ;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id w37-v6si12055838pgl.514.2018.08.10.18.48.16;
        Fri, 10 Aug 2018 18:48:44 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=fail header.i=@thunk.org header.s=ef5046eb header.b=kgwkahbJ;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727043AbeHKETO (ORCPT <rfc822;stevepeted@gmail.com>
        + 99 others); Sat, 11 Aug 2018 00:19:14 -0400
Received: from imap.thunk.org ([74.207.234.97]:33184 "EHLO imap.thunk.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1725199AbeHKETO (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Sat, 11 Aug 2018 00:19:14 -0400
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=thunk.org;
         s=ef5046eb; h=In-Reply-To:Content-Type:MIME-Version:References:Message-ID:
        Subject:Cc:To:From:Date:Sender:Reply-To:Content-Transfer-Encoding:Content-ID:
        Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
        :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
        List-Post:List-Owner:List-Archive;
        bh=nWXc6vZEs9KhppBzlPhwuChgkTa4gq2ZEZL2+ARQpM4=; b=kgwkahbJIVD+QOLq9z7YZK4cRe
        +vPC4T+vOOcvHXj+P7uDVrRqGZAbZudYedjHfE9UxQpgSNVMvKumIm+7DLjUi8Bwk29b3iHS9uWbF
        BqH6gni5r81SNepZVL+MUYVJF7qxicAR+V14jTJ+EZVHgAavsoo5C9fjAWCSihBVbEMk=;
Received: from root (helo=callcc.thunk.org)
        by imap.thunk.org with local-esmtp (Exim 4.89)
        (envelope-from <tytso@thunk.org>)
        id 1foIyz-00066a-2M; Sat, 11 Aug 2018 01:46:21 +0000
Received: by callcc.thunk.org (Postfix, from userid 15806)
        id 5F6D37A5B5D; Fri, 10 Aug 2018 21:46:19 -0400 (EDT)
Date:   Fri, 10 Aug 2018 21:46:19 -0400
From:   "Theodore Y. Ts'o" <tytso@mit.edu>
To:     "Eric W. Biederman" <ebiederm@xmission.com>
Cc:     Al Viro <viro@ZenIV.linux.org.uk>,
        David Howells <dhowells@redhat.com>,
        John Johansen <john.johansen@canonical.com>,
        Tejun Heo <tj@kernel.org>, selinux@tycho.nsa.gov,
        Paul Moore <paul@paul-moore.com>,
        Li Zefan <lizefan@huawei.com>, linux-api@vger.kernel.org,
        apparmor@lists.ubuntu.com,
        Casey Schaufler <casey@schaufler-ca.com>, fenghua.yu@intel.com,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        Eric Biggers <ebiggers@google.com>,
        linux-security-module@vger.kernel.org,
        Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>,
        Johannes Weiner <hannes@cmpxchg.org>,
        Stephen Smalley <sds@tycho.nsa.gov>,
        tomoyo-dev-en@lists.sourceforge.jp, cgroups@vger.kernel.org,
        torvalds@linux-foundation.org, linux-fsdevel@vger.kernel.org,
        linux-kernel@vger.kernel.org, Miklos Szeredi <miklos@szeredi.hu>
Subject: Re: BUG: Mount ignores mount options
Message-ID: <20180811014619.GA14368@thunk.org>
Mail-Followup-To: "Theodore Y. Ts'o" <tytso@mit.edu>,
        "Eric W. Biederman" <ebiederm@xmission.com>,
        Al Viro <viro@ZenIV.linux.org.uk>,
        David Howells <dhowells@redhat.com>,
        John Johansen <john.johansen@canonical.com>,
        Tejun Heo <tj@kernel.org>, selinux@tycho.nsa.gov,
        Paul Moore <paul@paul-moore.com>, Li Zefan <lizefan@huawei.com>,
        linux-api@vger.kernel.org, apparmor@lists.ubuntu.com,
        Casey Schaufler <casey@schaufler-ca.com>, fenghua.yu@intel.com,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        Eric Biggers <ebiggers@google.com>,
        linux-security-module@vger.kernel.org,
        Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>,
        Johannes Weiner <hannes@cmpxchg.org>,
        Stephen Smalley <sds@tycho.nsa.gov>,
        tomoyo-dev-en@lists.sourceforge.jp, cgroups@vger.kernel.org,
        torvalds@linux-foundation.org, linux-fsdevel@vger.kernel.org,
        linux-kernel@vger.kernel.org, Miklos Szeredi <miklos@szeredi.hu>
References: <153313703562.13253.5766498657900728120.stgit@warthog.procyon.org.uk>
 <87d0uqpba5.fsf@xmission.com>
 <20180810151606.GA6515@ZenIV.linux.org.uk>
 <87pnypiufr.fsf@xmission.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <87pnypiufr.fsf@xmission.com>
User-Agent: Mutt/1.10.1 (2018-07-13)
X-SA-Exim-Connect-IP: <locally generated>
X-SA-Exim-Mail-From: tytso@thunk.org
X-SA-Exim-Scanned: No (on imap.thunk.org); SAEximRunCond expanded to false
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Aug 10, 2018 at 08:05:44PM -0500, Eric W. Biederman wrote:
> 
> My complaint is that the current implemented behavior of practically
> every filesystem in the kernel, is that it will ignore mount options
> when mounted a second time.

The file system is ***not*** mounted a second time.

The design bug is that we allow bind mounts to be specified via a
block device.  A bind mount is not "a second mount" of the file
system.  Bind mounts != mounts.

I had assumed we had allowed bind mounts to be specified via the block
device because of container use cases.  If the container folks don't
want it, I would be pushing to simply not allow bind mounts to be
specified via block device at all.

The only reason why we should support it is because we don't want to
break scripts; and if the goal is not to break scripts, then we have
to keep to the current semantics, however broken you think it is.

					- Ted