Received: by 2002:a25:c205:0:0:0:0:0 with SMTP id s5csp431151ybf; Fri, 28 Feb 2020 00:35:56 -0800 (PST) X-Google-Smtp-Source: APXvYqxrbTJzTD2o3o2dQ5WG5oleSg/feVX58o1zwAs5TXZjlj+kS5QDgNImiVmVoUaj0J6F6lCc X-Received: by 2002:a9d:12af:: with SMTP id g44mr2399171otg.332.1582878956651; Fri, 28 Feb 2020 00:35:56 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1582878956; cv=none; d=google.com; s=arc-20160816; b=eRDOZXNwJFPabtS1IMRuOsSI/xFoVr2Lr6MPbrzdCU64kVCFWrLf3VV29nL56TWVO9 qwC2FbFZ7XQBOvEcryyvzHkwJ8E5/h+1C2HSbOundNz0QHOk2rPD7cRX60ruHY3pxocu yXTA5OSekmnmgwVs7LgI5myogxdbJFhybpxKoOGcVFUdjol/fW3CsYxQ23k3HmiKPKS/ Sd0JogMG/aiQBwsLix8/htHzUr8Ydjhq+/J4736HM1ZYdnGiP+gbK8Nz9R8WaHnkYv1P 82+QJb2Ldg7oI4MLXlCChCPPYleZm08yExBvv+LPGWcr5eZlRLm+Nca0jW73qM1E5EBh YDJg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=OXyFeX6mAXl7ibpfgMxisE4ycSpVpmIz9s5cjNf8Vhw=; b=ESZXfdOwne6VIMUL7N72gS64/a46CJi7P6jFO3yDu/CtmSE9Gm2M3yDzOQ8wB98kgD X7Iz9/hQRegZpilpoopbHeyPN0jXxj0muETgpDQlZuREL07M4HeeYpcRuf03sAaKBWre 8x2gCN4a4IrAabtM9rHya/WY8MsvX5TCYdKc5llsOGYCV1acLgLpVPe+40nn9L+j4FNk xpp3N3fEzPnbNoKLybUomtyrUF+9qF8bdLXsZxwNgRySOjJNjDfeCKKp0fGROM4HFRJW n9rkbF5snRIgLo/YTWe17orfJqBeNtbqMeBOxSFfUqhO0ry6HfmJu2W/2Q1B+Mp9Etkj JvDQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=temperror (no key for signature) header.i=@szeredi.hu header.s=google header.b=pn3452AK; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h18si1106029otj.114.2020.02.28.00.35.44; Fri, 28 Feb 2020 00:35:56 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=temperror (no key for signature) header.i=@szeredi.hu header.s=google header.b=pn3452AK; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726579AbgB1If3 (ORCPT + 99 others); Fri, 28 Feb 2020 03:35:29 -0500 Received: from mail-il1-f193.google.com ([209.85.166.193]:39147 "EHLO mail-il1-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726418AbgB1If3 (ORCPT ); Fri, 28 Feb 2020 03:35:29 -0500 Received: by mail-il1-f193.google.com with SMTP id w69so2045847ilk.6 for ; Fri, 28 Feb 2020 00:35:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=szeredi.hu; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=OXyFeX6mAXl7ibpfgMxisE4ycSpVpmIz9s5cjNf8Vhw=; b=pn3452AKsTBvGlo0Y5JA0NZltS3uiCzuNxlOu9vIU/91jdvfz1MmnUcdniXZft8fOK uRgelnJFXnk/5446/FJEkurj9vFQkfopb6YzN9hGnaI6ygpIsXBuRwoK4kfbvuwENiZZ 0wpCmRg1DtQDcyWKqHDbVr5FOAQOpPzh6yVGk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=OXyFeX6mAXl7ibpfgMxisE4ycSpVpmIz9s5cjNf8Vhw=; b=H5XjKRdwK/1lpHOs+u5iCvU/XRbr6pN0BMh/KSHmuvbArUNjiJ5zNm3tcQLTQNchWK rm0VRgf03ydVA/Hqt/Gy73YIMKUMRXIyFt7tD9GfJGm4+X/iXqLu4ZScC90b8emOOnjf oku2r5z6/Vc5NkdToawsyZQrDFoA931+XYYe3iKAKP0T6SWScMFdm6tPJ39dDfQwKFBX XFaTiYcDhZ8Ru/3iOi4OJ2MjaGUalpjLag1hczS9LU9KHRzFAS2ieXEq6fEPhqDosHS7 WCe//4b2ZAI3RmIGy/lXh4LqCPjCYjT9AaTB0E7/fmVncx1B1ON6FN6frvSJ8g/ltgLC XImQ== X-Gm-Message-State: APjAAAUH/I94nxPXOiMo6VEr/STf0GP3PhM/yO+8yUC3ULEcghxpvvAA N7sKRFbKg4HM3mD0VJgXio7C3ODpQStB46hp08NNnw== X-Received: by 2002:a92:c0c9:: with SMTP id t9mr3379386ilf.174.1582878928605; Fri, 28 Feb 2020 00:35:28 -0800 (PST) MIME-Version: 1.0 References: <1582556135.3384.4.camel@HansenPartnership.com> <1582644535.3361.8.camel@HansenPartnership.com> <1c8db4e2b707f958316941d8edd2073ee7e7b22c.camel@themaw.net> <3e656465c427487e4ea14151b77d391d52cd6bad.camel@themaw.net> <20200227151421.3u74ijhqt6ekbiss@ws.net.home> In-Reply-To: From: Miklos Szeredi Date: Fri, 28 Feb 2020 09:35:17 +0100 Message-ID: Subject: Re: [PATCH 00/17] VFS: Filesystem information and notifications [ver #17] To: Ian Kent Cc: Karel Zak , Miklos Szeredi , James Bottomley , Steven Whitehouse , David Howells , viro , Christian Brauner , Jann Horn , "Darrick J. Wong" , Linux API , linux-fsdevel , lkml , Lennart Poettering , =?UTF-8?Q?Zbigniew_J=C4=99drzejewski=2DSzmek?= , Greg Kroah-Hartman , util-linux@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Feb 28, 2020 at 1:43 AM Ian Kent wrote: > > I'm not sure about sysfs/, you need somehow resolve namespaces, order > > of the mount entries (which one is the last one), etc. IMHO translate > > mountpoint path to sysfs/ path will be complicated. > > I wonder about that too, after all sysfs contains a tree of nodes > from which the view is created unlike proc which translates kernel > information directly based on what the process should see. > > We'll need to wait a bit and see what Miklos has in mind for mount > table enumeration and nothing has been said about name spaces yet. Adding Greg for sysfs knowledge. As far as I understand the sysfs model is, basically: - list of devices sorted by class and address - with each class having a given set of attributes Superblocks and mounts could get enumerated by a unique identifier. mnt_id seems to be good for mounts, s_dev may or may not be good for superblock, but s_id (as introduced in this patchset) could be used instead. As for namespaces, that's "just" an access control issue, AFAICS. For example a task with a non-initial mount namespace should not have access to attributes of mounts outside of its namespace. Checking access to superblock attributes would be similar: scan the list of mounts and only allow access if at least one mount would get access. > While fsinfo() is not similar to proc it does handle name spaces > in a sensible way via. file handles, a bit similar to the proc fs, > and ordering is catered for in the fsinfo() enumeration in a natural > way. Not sure how that would be handled using sysfs ... I agree that the access control is much more straightforward with fsinfo(2) and this may be the single biggest reason to introduce a new syscall. Let's see what others thing. Thanks, Miklos