Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp1880669rwd; Fri, 9 Jun 2023 03:41:46 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ4ayozcpVNPC6cBNE7YfadM6mJFXdG3iMwt7PIb0eNonmnjDzw+MQ8buoBjJQpPiqATu2xm X-Received: by 2002:a05:6359:638f:b0:127:f4b4:d996 with SMTP id sg15-20020a056359638f00b00127f4b4d996mr1116564rwb.16.1686307306641; Fri, 09 Jun 2023 03:41:46 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1686307306; cv=none; d=google.com; s=arc-20160816; b=pzH78/lqU5wW5VlXAiMHTk/rl1pf8E3zT6G/gF5PYcWAUMvgKkpMFvVQJdMLw1kLl7 NTz/hMhgMvR7rJdPEHJ0zgcaGNfif5euq6sI9gjVuQf2AJ5KECooKEGYT88yUgnV18T6 +YF+MogksQnPiD3Jqd+3xKTgYTHmUfaRR32QmYEZ2aRAvf3bMVkMT4PW+oHgxyp+INko Mh/gGtq/gHrxlQ3aDepfzFWHliSftZRk2L6SiWSCg7SROKKmKdM2BPInoNLlY6goMBtr sERRXtz8XqXCJFN1Fo5nTaS2Xjm0n/8fxhCNA5YCK1wrs9oxg+of+O02t4HUs8URoGjZ el/g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=x/LSfzy08peg5Has0ch83FB0MT7KpddVcyNy/Fniu5c=; b=JuUB0nyZgDuNThcfZv1tc3yMOVQWXTvwqLKroT+bBiRNaOHpvIIhUmO7WkFCyjTEuz klxnI2CilyT6H0gXNjXZ031qUTfv51LY08FQeHeAU+VjGHDUHLY2BeHl18lUy0ETjuWq dzZ2hJ4sXVNl6u4o+BBIol8WsC4Rno7lVv/PwP21Sz64u/wAbieTfoAeynDUpZR2Yl0X qHCzCZH8DGW/SkzXTYHdY0U2ddC3fzl2+X/BXYoFpL+Lcbep3d45+BNXo3mVi5OwyMU0 1isTjkIPFE3BEChuNwoKXEce7q/HhqpuBHCKrWqiKNfXBQd7QraA+lzfXhoIvDsqEaJh vn2w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@canonical.com header.s=20210705 header.b="Wq9Q+d/j"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=canonical.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id g9-20020a633749000000b005344b60f7ddsi2418000pgn.117.2023.06.09.03.41.32; Fri, 09 Jun 2023 03:41:46 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@canonical.com header.s=20210705 header.b="Wq9Q+d/j"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=canonical.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241600AbjFIKVX (ORCPT + 99 others); Fri, 9 Jun 2023 06:21:23 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34236 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S241426AbjFIKU4 (ORCPT ); Fri, 9 Jun 2023 06:20:56 -0400 Received: from smtp-relay-internal-1.canonical.com (smtp-relay-internal-1.canonical.com [185.125.188.123]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2EB56527A for ; Fri, 9 Jun 2023 03:12:31 -0700 (PDT) Received: from mail-yb1-f198.google.com (mail-yb1-f198.google.com [209.85.219.198]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id 4AEB23F36C for ; Fri, 9 Jun 2023 10:12:28 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1686305548; bh=x/LSfzy08peg5Has0ch83FB0MT7KpddVcyNy/Fniu5c=; h=MIME-Version:References:In-Reply-To:From:Date:Message-ID:Subject: To:Cc:Content-Type; b=Wq9Q+d/j5hGl2DjwYMXR16thBG6lOLEuJPhLRTWlR4//ip8GEttvIu+SDnXgbCbxy fUCyt5zHBiiblDAFXjQw+xYUTwgQWTKjKKByLQHKgdJF04KEB5FBX6ZoWIvw/6+BRa x+iKkqEHsQ3/H3f2iBc/sQEnXjs7M9Gq7d6k9WeYfCVZwbaTCpZf/ji1cwJ5MZrh1n +mtL7lXNtRYG8vmxafoo6M2Bemm9aEUMBpUDWUpCs9O7MZOYzSqxB47gMZPwLzLJik g50O+vkKQt+WHxS6FZQlCNs1IUARSVT/myLe3xmIBdaXXcO+at5DjWcxuzQ3Dwrl2G cQe1kuISN58eA== Received: by mail-yb1-f198.google.com with SMTP id 3f1490d57ef6-ba82ed6e450so2195153276.2 for ; Fri, 09 Jun 2023 03:12:28 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1686305547; x=1688897547; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=x/LSfzy08peg5Has0ch83FB0MT7KpddVcyNy/Fniu5c=; b=HsqREflfGlLZMakzHhqeTgVhLHCS7GjuWZsWDHye8Q6s3bbcPrFlOp1H73tVhtVTCK 6Bqlg0k85rcTZFbf8Bz4mRFOBcKbQ4OtvI5/NqGjM4LFOp+AyYEXa2duq58gcmPnG/fN GLi1l/AiTkHTSJmn2QTtW26TsOyGXPtf7BfPXqLEPmncGLxJ+quYH1NCKAIMkYLnBZIl 97QdRtW+9wJ7YmqgvTOSFE1rTigByfsfBQ09jhDnlF9+XlQhkg5a1Ohi+GnVTb2L+DD0 JAiNTBBj7r04eHu1nI+sNUp5pUzz80gyA+Hl/HL8hedVOu2fYieLFg0b3VkoeWtaSu8C Nk0w== X-Gm-Message-State: AC+VfDyo60WlrHzOm3jESpR5IAzf+XAJE8h3jMip9Egghm2bi7zBvyb8 s1JEQUbGL+eAoVzKFJvwQri7+7oOY3sear+5K775lWeQa8UFuWtTt9lp6KhPu2gTGJafufzGsjR 3SFKSuZNbOzI5NKjctR1drIQO2rVmPLnwDYKT8FE0SGLeZcF7JVql8uTY/w== X-Received: by 2002:a5b:2d1:0:b0:bbb:5379:1057 with SMTP id h17-20020a5b02d1000000b00bbb53791057mr611003ybp.37.1686305547145; Fri, 09 Jun 2023 03:12:27 -0700 (PDT) X-Received: by 2002:a5b:2d1:0:b0:bbb:5379:1057 with SMTP id h17-20020a5b02d1000000b00bbb53791057mr610994ybp.37.1686305546889; Fri, 09 Jun 2023 03:12:26 -0700 (PDT) MIME-Version: 1.0 References: <20230608154256.562906-1-aleksandr.mikhalitsyn@canonical.com> <20230609-alufolie-gezaubert-f18ef17cda12@brauner> In-Reply-To: <20230609-alufolie-gezaubert-f18ef17cda12@brauner> From: Aleksandr Mikhalitsyn Date: Fri, 9 Jun 2023 12:12:15 +0200 Message-ID: Subject: Re: [PATCH v5 00/14] ceph: support idmapped mounts To: Christian Brauner Cc: Xiubo Li , stgraber@ubuntu.com, linux-fsdevel@vger.kernel.org, Ilya Dryomov , Jeff Layton , ceph-devel@vger.kernel.org, linux-kernel@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Jun 9, 2023 at 12:00=E2=80=AFPM Christian Brauner wrote: > > On Fri, Jun 09, 2023 at 10:59:19AM +0200, Aleksandr Mikhalitsyn wrote: > > On Fri, Jun 9, 2023 at 3:57=E2=80=AFAM Xiubo Li wro= te: > > > > > > > > > On 6/8/23 23:42, Alexander Mikhalitsyn wrote: > > > > Dear friends, > > > > > > > > This patchset was originally developed by Christian Brauner but I'l= l continue > > > > to push it forward. Christian allowed me to do that :) > > > > > > > > This feature is already actively used/tested with LXD/LXC project. > > > > > > > > Git tree (based on https://github.com/ceph/ceph-client.git master): > > > > Hi Xiubo! > > > > > > > > Could you rebase these patches to 'testing' branch ? > > > > Will do in -v6. > > > > > > > > And you still have missed several places, for example the following c= ases: > > > > > > > > > 1 269 fs/ceph/addr.c <> > > > req =3D ceph_mdsc_create_request(mdsc, CEPH_MDS_OP_GETA= TTR, > > > mode); > > > > + > > > > > 2 389 fs/ceph/dir.c <> > > > req =3D ceph_mdsc_create_request(mdsc, op, USE_AUTH_MDS= ); > > > > + > > > > > 3 789 fs/ceph/dir.c <> > > > req =3D ceph_mdsc_create_request(mdsc, op, USE_ANY_MDS)= ; > > > > We don't have an idmapping passed to lookup from the VFS layer. As I > > mentioned before, it's just impossible now. > > ->lookup() doesn't deal with idmappings and really can't otherwise you > risk ending up with inode aliasing which is really not something you > want. IOW, you can't fill in inode->i_{g,u}id based on a mount's > idmapping as inode->i_{g,u}id absolutely needs to be a filesystem wide > value. So better not even risk exposing the idmapping in there at all. Thanks for adding, Christian! I agree, every time when we use an idmapping we need to be careful with what we map. AFAIU, inode->i_{g,u}id should be based on the filesystem idmapping (not mount), but in this case, Xiubo want's current_fs{u,g}id to be mapped according to an idmapping. Anyway, it's impossible at now and IMHO, until we don't have any practical use case where UID/GID-based path restriction is used in combination with idmapped mounts it's not worth to make such big changes in the VFS layer. May be I'm not right, but it seems like UID/GID-based path restriction is not a widespread feature and I can hardly imagine it to be used with the container workloads (for instance), because it will require to always keep in sync MDS permissions configuration with the possible UID/GID ranges on the client. It looks like a nightmare for sysadm= in. It is useful when cephfs is used as an external storage on the host, but if= you share cephfs with a few containers with different user namespaces idmapping= ... Kind regards, Alex