Received: by 2002:a05:6a10:c604:0:0:0:0 with SMTP id y4csp3954382pxt; Tue, 10 Aug 2021 15:50:21 -0700 (PDT) X-Google-Smtp-Source: ABdhPJz+p2JO+x+pWBuFg01wtQtQOA95Wn0/f8tsI3hX21kTPOgdDV8y6aujZ8yEYeDZfT9BeK8Y X-Received: by 2002:a92:cb48:: with SMTP id f8mr13072ilq.197.1628635821777; Tue, 10 Aug 2021 15:50:21 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1628635821; cv=none; d=google.com; s=arc-20160816; b=AKJX6oLp1D14zY9a+d/qo+jJWOiLELVtG90A6ib1mMjZxAsWNMEQZZH8+NMvl8mPLM hiYYlOBvafWQMtWv9JWf1GUtp3jPBgrzx5N6zGtO99DjPXOObkGPI7FAU6j/Xrbjnjb1 JNMmwNHuasTZGr+d23RbYq68EB1oHZIb2GQr4KtPJ9dfGhY49g1vRNmgwJleWoEbjkTG lxU6EhmVt7LGljkeknTxGC9nBfiybVkzDhSZh5lN+SxT6cePnEB6MzoaPLf5kd35lwcF hhYz+GHajNbsbEqUtI/TtTdqecFnT8A38CwaJm3dgLkmdnWJqyKMhje3FmwoM5M+FWj2 ivVA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:from:references :to:subject:cc:dkim-signature; bh=yIH0KUnZv7CbUNuLVwKk6Yjj2btfYGCd33gAi0qy9lk=; b=hrSgXf2csn6VuAS19tATZwGeNPd5FfWIpWZHRJ6IgtDdXCaq8r7b6M2LDb0XVjsJJv +YVYx9W/898O54tz+8oFEpC1iQNReHv3qs/cpercbIhIUJNsx/NdXoF7Q0DcLUd0mBwP WBtDvbixG7GMmMPR4zYzvFNN+VsFoZig2zKjVvrl5FCXHG7/EkhqVGFC5V/MhPAmS2fE MAfzrG3WQW0afxy4LBaOIG+EnFmTn/TQXesq5BDOm7pVB7w4eCoMaBZL1urmedt4/C70 iVcePNGSchV4XHj1mu+pMa5sgMzSJFZ0uSg19e+7keYNaBsqu1tyhbpwxO2simJFeJ9k CEew== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=ocbTw3+o; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id f12si24606576ila.117.2021.08.10.15.50.10; Tue, 10 Aug 2021 15:50:21 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=ocbTw3+o; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235227AbhHJWro (ORCPT + 99 others); Tue, 10 Aug 2021 18:47:44 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38658 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231380AbhHJWrn (ORCPT ); Tue, 10 Aug 2021 18:47:43 -0400 Received: from mail-pj1-x1029.google.com (mail-pj1-x1029.google.com [IPv6:2607:f8b0:4864:20::1029]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 03151C061765; Tue, 10 Aug 2021 15:47:21 -0700 (PDT) Received: by mail-pj1-x1029.google.com with SMTP id cp15-20020a17090afb8fb029017891959dcbso6571272pjb.2; Tue, 10 Aug 2021 15:47:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=cc:subject:to:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=yIH0KUnZv7CbUNuLVwKk6Yjj2btfYGCd33gAi0qy9lk=; b=ocbTw3+op+JN/IWY/wUmffxiA+QAfcrR9mImsaFZDuNkDLCwp+PxLcwflgxgjz3wst ckQs+f9MjZuAzdFfR2VLgZ9+lgaITXcI66cBDksKJWBpJXQMUX4n9TPIaa/cdcPAKnOg URRXWcuppxAnjw88ww3w7VnoRRrNWKDlrVb+9lRBe5NlySmaZq7x5SeYQgkDNHTEv/kH XbISyjnk2ZcWk0jRK++PeGVZbGWzK/+B4gKpkfrcCi1Bjbatfeyqr73THSUUXjg+wr32 kCkFWKX8VbpzhZ7iLVQgxviwRSXY7AVu2bUTc4L4sLNmGnRZIUzOlk3GsxLayj2svRPP msXA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:cc:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=yIH0KUnZv7CbUNuLVwKk6Yjj2btfYGCd33gAi0qy9lk=; b=Yj1d/vjexaciN+AMlT27hv/0SeMCVBTkh6CSjwn55p4P6xXO5pZwmlTtoSpYzviBmv p3fMMDInBTI/0GqWpXu+sZ7do5+9SxZ0AxpEUBI4hk3PbonqLcGD6Au5/rJ+YuC1nx6U RQ8X6WhstXs3hoNI6vdDbfq4+ujazpOgHHF6i5jurusJNk+wzeFji2Zv54TXkEo7AwRv hZSwpYE6c3HrxdjPrWPoQYk4z048kSpunBixbg6+sgE9LTD3j7gPiyrvxjGOTyksSAgg Hj7UAubCtLgR0vHoToAIbdlLhCZe/O3PTrYakFeXYwP7kP651RmaE13ZlL4zVwO1W0xn gM7Q== X-Gm-Message-State: AOAM531BdonvfkDfKIqzMJdtDzE1+StfOtl8DVJK1KYqNu88/7AogGjG v6Tyst2b5D1AhvJ7RQ45Vqg= X-Received: by 2002:aa7:8387:0:b029:395:a683:a0e6 with SMTP id u7-20020aa783870000b0290395a683a0e6mr31367561pfm.12.1628635640525; Tue, 10 Aug 2021 15:47:20 -0700 (PDT) Received: from [192.168.1.71] (122-61-176-117-fibre.sparkbb.co.nz. [122.61.176.117]) by smtp.gmail.com with ESMTPSA id a20sm4208799pjh.46.2021.08.10.15.47.16 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 10 Aug 2021 15:47:19 -0700 (PDT) Cc: mtk.manpages@gmail.com, Alejandro Colomar , linux-fsdevel , lkml , linux-man , Christoph Hellwig Subject: Re: Questions re the new mount_setattr(2) manual page To: Christian Brauner References: From: "Michael Kerrisk (man-pages)" Message-ID: Date: Wed, 11 Aug 2021 00:47:14 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Christian, Some further questions... In ERRORS there is: EINVAL The underlying filesystem is mounted in a user namespace. I don't understand this. What does it mean? Also, there is this: ENOMEM When changing mount propagation to MS_SHARED, a new peer group ID needs to be allocated for all mounts without a peer group ID set. Allocation of this peer group ID has failed. ENOSPC When changing mount propagation to MS_SHARED, a new peer group ID needs to be allocated for all mounts without a peer group ID set. Allocation of this peer group ID can fail. Note that technically further error codes are possi‐ ble that are specific to the ID allocation implementation used. What is the difference between these two error cases? (That is, in what circumstances will one get ENOMEM vs ENOSPC and vice versa?) And then: EPERM One of the mounts had at least one of MOUNT_ATTR_NOATIME, MOUNT_ATTR_NODEV, MOUNT_ATTR_NODIRATIME, MOUNT_ATTR_NOEXEC, MOUNT_ATTR_NOSUID, or MOUNT_ATTR_RDONLY set and the flag is locked. Mount attributes become locked on a mount if: • A new mount or mount tree is created causing mount prop‐ agation across user namespaces. The kernel will lock Propagation is done across mont points, not user namespaces. should "across user namespaces" be "to a mount namespace owned by a different user namespace"? Or something else? the aforementioned flags to protect these sensitive properties from being altered. • A new mount and user namespace pair is created. This happens for example when specifying CLONE_NEWUSER | CLONE_NEWNS in unshare(2), clone(2), or clone3(2). The aforementioned flags become locked to protect user name‐ spaces from altering sensitive mount properties. Again, this seems imprecise. Should it say something like: "... to prevent changes to sensitive mount properties in the new mount namespace" ? Or perhaps you have a better wording. Thanks, Michael