Received: by 2002:ac0:98c7:0:0:0:0:0 with SMTP id g7-v6csp6229553imd; Wed, 31 Oct 2018 08:39:32 -0700 (PDT) X-Google-Smtp-Source: AJdET5eqyZA/wfDIdlHTGSgZJCqMZ/ihe2qAUABEPE2Dm5ItYo96zygfyELtxxhv9So3V9aho2qY X-Received: by 2002:a17:902:6ac7:: with SMTP id i7-v6mr3990174plt.268.1541000372830; Wed, 31 Oct 2018 08:39:32 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1541000372; cv=none; d=google.com; s=arc-20160816; b=aPGhkEmANdTgvJygOCzStfp7uyXa+tcTIYe3fOdSX8wrUJQuGCbbKMAsP3ZjfRwV9+ EEYwa9Ol/wjd6A5uTdCIVeDoipXgNhSCXROds3OfABMsF55fG9UBt+XtNE63MRcwKkkD xDWfk59sBBkhB2Rol6JfoJuJkyU9stcwwPi8BKaObaJtSvVhzZzoQ0hio7fS008A9mF3 cDMVAD+klgAXoBdcRcZ5dlZRUnMw4Su9g61ADB5tQJQmRR77QvIIvxM8fcOzSInHVzso BFnT3icMAdG9XS/LE/Et16vMCAmHQlstQvZPrOYAG8lb6R1AFgs8fFn0qknugXtKkfZI /dmw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:subject:mime-version:user-agent :message-id:in-reply-to:date:references:cc:to:from; bh=xJ9xYeCk22mrzwrfFIZHsJnkB3QmxbA+3yx6AYZPjKs=; b=Rz18attiAawr6qcFH1fEbPtvL0UPRA96XyrQQJr8sJ3IUokKfTvVAFktJuUf0JwJWk dIHgk9uLPOFb4ZAYbgd9IyqRhC+Vnre81e6e651nSUE38Yu4QsT6COvhW7ty1t3nFHpw +mnUUA3dQTmmeYwL6Xf7UdntNuQD5biLZZXA1/9eLQu7eSRRV0ezi+j2LY8n8xzINCTf 55GddQG5iTV0TqiYkgaCRJ++vSY7/ZJQDqdHFpg5uL/WklmWoxY4itZMuB/feGm1RRAb RvREucFtpseMK0VVrhUnDaqoIYMLg4wqpugUPha/+u3GlVfycawpW/FxTijiBg6+iOiL pe1w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=xmission.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id s26-v6si27360911pgl.584.2018.10.31.08.39.17; Wed, 31 Oct 2018 08:39:32 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=xmission.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729480AbeKAAhV (ORCPT + 99 others); Wed, 31 Oct 2018 20:37:21 -0400 Received: from out03.mta.xmission.com ([166.70.13.233]:52268 "EHLO out03.mta.xmission.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729383AbeKAAhV (ORCPT ); Wed, 31 Oct 2018 20:37:21 -0400 Received: from in02.mta.xmission.com ([166.70.13.52]) by out03.mta.xmission.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.87) (envelope-from ) id 1gHsa0-0000Zz-O8; Wed, 31 Oct 2018 09:38:48 -0600 Received: from 67-3-154-154.omah.qwest.net ([67.3.154.154] helo=x220.xmission.com) by in02.mta.xmission.com with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.87) (envelope-from ) id 1gHsa0-0008C8-4v; Wed, 31 Oct 2018 09:38:48 -0600 From: ebiederm@xmission.com (Eric W. Biederman) To: Al Viro Cc: Linus Torvalds , linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org References: <20181031053355.GQ32577@ZenIV.linux.org.uk> Date: Wed, 31 Oct 2018 10:38:17 -0500 In-Reply-To: <20181031053355.GQ32577@ZenIV.linux.org.uk> (Al Viro's message of "Wed, 31 Oct 2018 05:33:55 +0000") Message-ID: <87a7mut9cm.fsf@xmission.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-XM-SPF: eid=1gHsa0-0008C8-4v;;;mid=<87a7mut9cm.fsf@xmission.com>;;;hst=in02.mta.xmission.com;;;ip=67.3.154.154;;;frm=ebiederm@xmission.com;;;spf=neutral X-XM-AID: U2FsdGVkX18XAOKbFsInlH6z+/I3T22miDHqRnOUaEI= X-SA-Exim-Connect-IP: 67.3.154.154 X-SA-Exim-Mail-From: ebiederm@xmission.com X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on sa05.xmission.com X-Spam-Level: *** X-Spam-Status: No, score=3.1 required=8.0 tests=ALL_TRUSTED,BAYES_50, DCC_CHECK_NEGATIVE,TVD_RCVD_IP,T_TM2_M_HEADER_IN_MSG,T_XMDrugObfuBody_12, XMSubMetaSxObfu_03,XMSubMetaSx_00 autolearn=disabled version=3.4.1 X-Spam-Report: * -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP * 0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60% * [score: 0.4981] * 0.0 TVD_RCVD_IP Message was received from an IP address * 0.0 T_TM2_M_HEADER_IN_MSG BODY: No description available. * -0.0 DCC_CHECK_NEGATIVE Not listed in DCC * [sa05 1397; Body=1 Fuz1=1 Fuz2=1] * 1.0 T_XMDrugObfuBody_12 obfuscated drug references * 1.2 XMSubMetaSxObfu_03 Obfuscated Sexy Noun-People * 1.0 XMSubMetaSx_00 1+ Sexy Words X-Spam-DCC: XMission; sa05 1397; Body=1 Fuz1=1 Fuz2=1 X-Spam-Combo: ***;Al Viro X-Spam-Relay-Country: X-Spam-Timing: total 253 ms - load_scoreonly_sql: 0.06 (0.0%), signal_user_changed: 6 (2.4%), b_tie_ro: 2.2 (0.9%), parse: 1.44 (0.6%), extract_message_metadata: 12 (4.6%), get_uri_detail_list: 1.82 (0.7%), tests_pri_-1000: 6 (2.4%), tests_pri_-950: 1.28 (0.5%), tests_pri_-900: 1.04 (0.4%), tests_pri_-90: 32 (12.8%), check_bayes: 31 (12.2%), b_tokenize: 6 (2.5%), b_tok_get_all: 9 (3.5%), b_comp_prob: 2.3 (0.9%), b_tok_touch_all: 11 (4.2%), b_finish: 0.72 (0.3%), tests_pri_0: 176 (69.6%), check_dkim_signature: 0.51 (0.2%), check_dkim_adsp: 6 (2.3%), tests_pri_10: 3.5 (1.4%), tests_pri_500: 10 (4.0%), rewrite_mail: 0.00 (0.0%) Subject: Re: [git pull] mount API series X-Spam-Flag: No X-SA-Exim-Version: 4.2.1 (built Thu, 05 May 2016 13:38:54 -0600) X-SA-Exim-Scanned: Yes (on in02.mta.xmission.com) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Al Viro writes: > mount API series from David Howells. Last cycle's objections > had been of the "I'd do it differently" variety and with no such > differently done variants having ever materialized over several > cycles... Absolutely not. My objections fundamentally is that I can find real problems when I look at the code. Further the changes have not been incremental changes that have evolved the code from one state to another but complete replacements of code that make code review very difficult and bisection completely inapplicable. I also object that this series completely fails to fix the worst but I have ever seen in the mount API. Whit no real intrest shown in working to fix it. A couple of bugs that I can see quickly. Several of which I have previously reported: - There is an easily triggered NULL pointer deference with open_tree and mount propagation. - Bisection will not work with the cpuset filesystem patch. At least cpuset looks like it may be mountable now. - The setting of fc->user_ns on proc remains broken. In particular if you create a child user namespace and attempt to mount proc it will succeed instead of fail. - The mqueue filesystem has the same issue as proc. fc->user_ns is misset. I suspect I didn't report it well but I reported both the proc and the mqueue filesystem weeks before the merge window opened. I am going to stop there. I believe there are more issues in the code. I am relieved that I am not seeing the loss of some of the security hooks that I thought I saw last time I looked at the code. Given both that I have reported bugs that remain unfixed and it's non-evolutionary nature that makes this patchset hard to review I have no confidence in this set of patches. I think the scope has been too large for anyone to properly review the code and it should be broken into smaller pieces. That there were significant open_tree and move_mount issues being found just before the merge window opened seems a testament to that. (AKA the first 3 or so patches in the patchset and fundamental to the rest). My apologies that we have not been able communication better and that I have not been able to clearly point out all of the bugs. My apologies I have not yet been able to give more constructive feedback. Still at the end of the day there remain regressions of existing functionality in that tree. Eric